Skip to content

gh-142315: Don't pass the "real path" of Pdb script target to system functions #142371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
johnslavik wants to merge 12 commits into
base: main
Choose a base branch
from
+86 −7
Open

gh-142315: Don't pass the "real path" of Pdb script target to system functions #142371

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
7050770
Pick target depending on preconditions
johnslavik Dec 7, 2025
2d8c231
Clarify the news fragment
johnslavik Dec 7, 2025
7196224
Add test capturing missed expectation.
jaraco Dec 7, 2025
5b12904
Add more idiomatic safe realpath helper
johnslavik Dec 7, 2025
3058faf
Merge branch 'jaraco/gh-142315/regr-test' into pdb-realpath-pseudofs-…
jaraco Dec 7, 2025
4ca2bcf
Restore logic where existance and directoriness are checked on realpath.
jaraco Dec 7, 2025
3c79be6
Link GH issue to test.
jaraco Dec 7, 2025
d1d85b9
Extract a function to check the target. Remove the _safe_realpath, no…
jaraco Dec 8, 2025
855aac3
Extract method for replacing sys_path, and isolate realpath usage there.
jaraco Dec 8, 2025
03eae7e
Revert "Extract method for replacing sys_path, and isolate realpath u…
jaraco Dec 8, 2025
6779597
Restore _safe_realpath.
jaraco Dec 8, 2025
d1adfb1
Merge branch 'main' into pdb-realpath-pseudofs-problem
jaraco Dec 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 25 additions & 7 deletions Lib/pdb.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,19 +183,37 @@ class _ExecutableTarget:

class _ScriptTarget(_ExecutableTarget):
def __init__(self, target):
self._target = os.path.realpath(target)
self._check(target)
self._target = self._safe_realpath(target)

# If PYTHONSAFEPATH (-P) is not set, sys.path[0] is the directory
# of pdb, and we should replace it with the directory of the script
if not sys.flags.safe_path:
sys.path[0] = os.path.dirname(self._target)

if not os.path.exists(self._target):
@staticmethod
def _check(target):
"""
Check that target is plausibly a script.
"""
if not os.path.exists(target):
print(f'Error: {target} does not exist')
sys.exit(1)
if os.path.isdir(self._target):
if os.path.isdir(target):
print(f'Error: {target} is a directory')
sys.exit(1)

# If safe_path(-P) is not set, sys.path[0] is the directory
# of pdb, and we should replace it with the directory of the script
if not sys.flags.safe_path:
sys.path[0] = os.path.dirname(self._target)
@staticmethod
def _safe_realpath(path):
"""
Return the canonical path (realpath) if it is accessible from the userspace.
Otherwise (for example, if the path is a symlink to an anonymous pipe),
return the original path.

See GH-142315.
"""
realpath = os.path.realpath(path)
return realpath if os.path.exists(realpath) else path

def __repr__(self):
return self._target
Expand Down
59 changes: 59 additions & 0 deletions Lib/test/test_pdb.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3561,6 +3561,24 @@ def _assert_find_function(self, file_content, func_name, expected):
self.assertEqual(
expected, pdb.find_function(func_name, os_helper.TESTFN))

def _fd_dir_for_pipe_targets(self):
"""Return a directory exposing live file descriptors, if any."""
proc_fd = "/proc/self/fd"
if os.path.isdir(proc_fd) and os.path.exists(os.path.join(proc_fd, '0')):
return proc_fd

dev_fd = "/dev/fd"
if os.path.isdir(dev_fd) and os.path.exists(os.path.join(dev_fd, '0')):
if sys.platform.startswith("freebsd"):
try:
if os.stat("/dev").st_dev == os.stat(dev_fd).st_dev:
return None
except FileNotFoundError:
return None
return dev_fd

return None

def test_find_function_empty_file(self):
self._assert_find_function(b'', 'foo', None)

Expand Down Expand Up @@ -3633,6 +3651,47 @@ def test_spec(self):
stdout, _ = self.run_pdb_script(script, commands)
self.assertIn('None', stdout)

def test_script_target_anonymous_pipe(self):
"""
_ScriptTarget doesn't fail on an anonymous pipe.

GH-142315
"""
fd_dir = self._fd_dir_for_pipe_targets()
if fd_dir is None:
self.skipTest('anonymous pipe targets require /proc/self/fd or /dev/fd')

read_fd, write_fd = os.pipe()

def safe_close(fd):
try:
os.close(fd)
except OSError:
pass

self.addCleanup(safe_close, read_fd)
self.addCleanup(safe_close, write_fd)

pipe_path = os.path.join(fd_dir, str(read_fd))
if not os.path.exists(pipe_path):
self.skipTest('fd directory does not expose anonymous pipes')

script_source = 'marker = "via_pipe"\n'
os.write(write_fd, script_source.encode('utf-8'))
os.close(write_fd)

original_path0 = sys.path[0]
self.addCleanup(sys.path.__setitem__, 0, original_path0)

target = pdb._ScriptTarget(pipe_path)
code_text = target.code
namespace = target.namespace
exec(code_text, namespace)

self.assertEqual(namespace['marker'], 'via_pipe')
self.assertEqual(namespace['__file__'], target.filename)
self.assertIsNone(namespace['__spec__'])

def test_find_function_first_executable_line(self):
code = textwrap.dedent("""\
def foo(): pass
Expand Down
2 changes: 2 additions & 0 deletions Misc/NEWS.d/next/Library/2025-12-07-02-36-24.gh-issue-142315.02o5E_.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Pdb can now run scripts from anonymous pipes used in process substitution.
Patch by Bartosz Sławecki.
Loading