https://github.com/python/cpython/commit/7252d2b73b3dea0c17a644527b767aa6da1305bd
commit: 7252d2b73b3dea0c17a644527b767aa6da1305bd
branch: 3.10
author: Stan Ulbrych <[email protected]>
committer: pablogsal <[email protected]>
date: 2025-09-28T14:47:31+01:00
summary:
[3.10] gh-139312: Update bundled libexpat to 2.7.3 (GH-139319) (#139379)
files:
A Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
M Modules/expat/expat.h
M Modules/expat/internal.h
M Modules/expat/refresh.sh
M Modules/expat/xmlparse.c
M Modules/expat/xmlrole.h
diff --git
a/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
b/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
new file mode 100644
index 00000000000000..5178bda379b3e0
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
@@ -0,0 +1 @@
+Upgrade bundled libexpat to 2.7.3
diff --git a/Modules/expat/expat.h b/Modules/expat/expat.h
index bb9cdedbac7d3e..290dfeb0f6dd6a 100644
--- a/Modules/expat/expat.h
+++ b/Modules/expat/expat.h
@@ -19,6 +19,7 @@
Copyright (c) 2023 Hanno Böck <[email protected]>
Copyright (c) 2023 Sony Corporation / Snild Dolkow <[email protected]>
Copyright (c) 2024 Taichi Haradaguchi <[email protected]>
+ Copyright (c) 2025 Matthew Fernandez <[email protected]>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@@ -276,7 +277,7 @@ XML_ParserCreate_MM(const XML_Char *encoding,
/* Prepare a parser object to be reused. This is particularly
valuable when memory allocation overhead is disproportionately high,
- such as when a large number of small documnents need to be parsed.
+ such as when a large number of small documents need to be parsed.
All handlers are cleared from the parser, except for the
unknownEncodingHandler. The parser's external state is re-initialized
except for the values of ns and ns_triplets.
@@ -1081,7 +1082,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool
enabled);
*/
# define XML_MAJOR_VERSION 2
# define XML_MINOR_VERSION 7
-# define XML_MICRO_VERSION 2
+# define XML_MICRO_VERSION 3
# ifdef __cplusplus
}
diff --git a/Modules/expat/internal.h b/Modules/expat/internal.h
index 6e087858ebbe92..8f5edf48ef7c00 100644
--- a/Modules/expat/internal.h
+++ b/Modules/expat/internal.h
@@ -108,6 +108,7 @@
#endif
#include <limits.h> // ULONG_MAX
+#include <stddef.h> // size_t
#if defined(_WIN32)
\
&& (! defined(__USE_MINGW_ANSI_STDIO)
\
@@ -153,6 +154,11 @@
#define EXPAT_ALLOC_TRACKER_ACTIVATION_THRESHOLD_DEFAULT
\
67108864 // 64 MiB, 2^26
+// NOTE: If function expat_alloc was user facing, EXPAT_MALLOC_ALIGNMENT would
+// have to take sizeof(long double) into account
+#define EXPAT_MALLOC_ALIGNMENT sizeof(long long) // largest parser (sub)member
+#define EXPAT_MALLOC_PADDING ((EXPAT_MALLOC_ALIGNMENT) - sizeof(size_t))
+
/* NOTE END */
#include "expat.h" // so we can use type XML_Parser below
diff --git a/Modules/expat/refresh.sh b/Modules/expat/refresh.sh
index 5207ef2f88d40d..a8cca16a7a41f5 100755
--- a/Modules/expat/refresh.sh
+++ b/Modules/expat/refresh.sh
@@ -12,9 +12,9 @@ fi
# Update this when updating to a new version after verifying that the changes
# the update brings in are good. These values are used for verifying the SBOM,
too.
-expected_libexpat_tag="R_2_7_2"
-expected_libexpat_version="2.7.2"
-expected_libexpat_sha256="13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7"
+expected_libexpat_tag="R_2_7_3"
+expected_libexpat_version="2.7.3"
+expected_libexpat_sha256="821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732"
expat_dir="$(realpath "$(dirname -- "${BASH_SOURCE[0]}")")"
cd ${expat_dir}
diff --git a/Modules/expat/xmlparse.c b/Modules/expat/xmlparse.c
index de159493490061..a187a3a18f1994 100644
--- a/Modules/expat/xmlparse.c
+++ b/Modules/expat/xmlparse.c
@@ -1,4 +1,4 @@
-/* 60e137abb91af642d6c3988f8f133d23329b32638659c74d47125fc0faf6ddd5 (2.7.2+)
+/* 28bcd8b1ba7eb595d82822908257fd9c3589b4243e3c922d0369f35bfcd7b506 (2.7.3+)
__ __ _
___\ \/ /_ __ __ _| |_
/ _ \\ /| '_ \ / _` | __|
@@ -41,6 +41,7 @@
Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <[email protected]>
Copyright (c) 2024-2025 Berkay Eren Ürün <[email protected]>
Copyright (c) 2024 Hanno Böck <[email protected]>
+ Copyright (c) 2025 Matthew Fernandez <[email protected]>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@@ -850,14 +851,14 @@ static void *
# endif
expat_malloc(XML_Parser parser, size_t size, int sourceLine) {
// Detect integer overflow
- if (SIZE_MAX - size < sizeof(size_t)) {
+ if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) {
return NULL;
}
const XML_Parser rootParser = getRootParserOf(parser, NULL);
assert(rootParser->m_parentParser == NULL);
- const size_t bytesToAllocate = sizeof(size_t) + size;
+ const size_t bytesToAllocate = sizeof(size_t) + EXPAT_MALLOC_PADDING + size;
if ((XmlBigCount)-1 - rootParser->m_alloc_tracker.bytesAllocated
< bytesToAllocate) {
@@ -894,7 +895,7 @@ expat_malloc(XML_Parser parser, size_t size, int
sourceLine) {
rootParser->m_alloc_tracker.peakBytesAllocated,
sourceLine);
}
- return (char *)mallocedPtr + sizeof(size_t);
+ return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
}
# if defined(XML_TESTING)
@@ -914,8 +915,9 @@ expat_free(XML_Parser parser, void *ptr, int sourceLine) {
// Extract size (to the eyes of malloc_fcn/realloc_fcn) and
// the original pointer returned by malloc/realloc
- void *const mallocedPtr = (char *)ptr - sizeof(size_t);
- const size_t bytesAllocated = sizeof(size_t) + *(size_t *)mallocedPtr;
+ void *const mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING -
sizeof(size_t);
+ const size_t bytesAllocated
+ = sizeof(size_t) + EXPAT_MALLOC_PADDING + *(size_t *)mallocedPtr;
// Update accounting
assert(rootParser->m_alloc_tracker.bytesAllocated >= bytesAllocated);
@@ -954,7 +956,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size,
int sourceLine) {
// Extract original size (to the eyes of the caller) and the original
// pointer returned by malloc/realloc
- void *mallocedPtr = (char *)ptr - sizeof(size_t);
+ void *mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t);
const size_t prevSize = *(size_t *)mallocedPtr;
// Classify upcoming change
@@ -969,8 +971,13 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size,
int sourceLine) {
}
}
+ // NOTE: Integer overflow detection has already been done for us
+ // by expat_heap_increase_tolerable(..) above
+ assert(SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING >= size);
+
// Actually allocate
- mallocedPtr = parser->m_mem.realloc_fcn(mallocedPtr, sizeof(size_t) + size);
+ mallocedPtr = parser->m_mem.realloc_fcn(
+ mallocedPtr, sizeof(size_t) + EXPAT_MALLOC_PADDING + size);
if (mallocedPtr == NULL) {
return NULL;
@@ -1001,7 +1008,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size,
int sourceLine) {
// Update in-block recorded size
*(size_t *)mallocedPtr = size;
- return (char *)mallocedPtr + sizeof(size_t);
+ return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
}
#endif // XML_GE == 1
@@ -1337,7 +1344,8 @@ parserCreate(const XML_Char *encodingName,
XML_Parser parser = NULL;
#if XML_GE == 1
- const size_t increase = sizeof(size_t) + sizeof(struct XML_ParserStruct);
+ const size_t increase
+ = sizeof(size_t) + EXPAT_MALLOC_PADDING + sizeof(struct
XML_ParserStruct);
if (parentParser != NULL) {
const XML_Parser rootParser = getRootParserOf(parentParser, NULL);
@@ -1352,11 +1360,13 @@ parserCreate(const XML_Char *encodingName,
if (memsuite) {
XML_Memory_Handling_Suite *mtemp;
#if XML_GE == 1
- void *const sizeAndParser = memsuite->malloc_fcn(
- sizeof(size_t) + sizeof(struct XML_ParserStruct));
+ void *const sizeAndParser
+ = memsuite->malloc_fcn(sizeof(size_t) + EXPAT_MALLOC_PADDING
+ + sizeof(struct XML_ParserStruct));
if (sizeAndParser != NULL) {
*(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
- parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+ parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+ + EXPAT_MALLOC_PADDING);
#else
parser = memsuite->malloc_fcn(sizeof(struct XML_ParserStruct));
if (parser != NULL) {
@@ -1369,11 +1379,12 @@ parserCreate(const XML_Char *encodingName,
} else {
XML_Memory_Handling_Suite *mtemp;
#if XML_GE == 1
- void *const sizeAndParser
- = malloc(sizeof(size_t) + sizeof(struct XML_ParserStruct));
+ void *const sizeAndParser = malloc(sizeof(size_t) + EXPAT_MALLOC_PADDING
+ + sizeof(struct XML_ParserStruct));
if (sizeAndParser != NULL) {
*(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
- parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+ parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+ + EXPAT_MALLOC_PADDING);
#else
parser = malloc(sizeof(struct XML_ParserStruct));
if (parser != NULL) {
@@ -6437,6 +6448,10 @@ internalEntityProcessor(XML_Parser parser, const char
*s, const char *end,
// process its possible inner entities (which are added to the
// m_openInternalEntities during doProlog or doContent calls above)
entity->hasMore = XML_FALSE;
+ if (! entity->is_param
+ && (openEntity->startTagLevel != parser->m_tagLevel)) {
+ return XML_ERROR_ASYNC_ENTITY;
+ }
triggerReenter(parser);
return result;
} // End of entity processing, "if" block will return here
@@ -8135,7 +8150,7 @@ poolGrow(STRING_POOL *pool) {
if (bytesToAllocate == 0)
return XML_FALSE;
- temp = REALLOC(pool->parser, pool->blocks, (unsigned)bytesToAllocate);
+ temp = REALLOC(pool->parser, pool->blocks, bytesToAllocate);
if (temp == NULL)
return XML_FALSE;
pool->blocks = temp;
diff --git a/Modules/expat/xmlrole.h b/Modules/expat/xmlrole.h
index 67bdd3dd5160fc..9d0d4ff11b7f98 100644
--- a/Modules/expat/xmlrole.h
+++ b/Modules/expat/xmlrole.h
@@ -10,7 +10,7 @@
Copyright (c) 2000 Clark Cooper <[email protected]>
Copyright (c) 2002 Karl Waclawek <[email protected]>
Copyright (c) 2002 Fred L. Drake, Jr. <[email protected]>
- Copyright (c) 2017-2024 Sebastian Pipping <[email protected]>
+ Copyright (c) 2017-2025 Sebastian Pipping <[email protected]>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
_______________________________________________
Python-checkins mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3//lists/python-checkins.python.org
Member address: [email protected]
