-
-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bpo-39184: Add audit events to functions in fcntl
, msvcrt
, os
, resource
, shutil
, signal
, syslog
#18407
Conversation
…`resource`, `shutil`, `signal`, `syslog`
Codecov Report
@@ Coverage Diff @@
## master #18407 +/- ##
===========================================
+ Coverage 82.11% 83.19% +1.08%
===========================================
Files 1954 1570 -384
Lines 583559 414425 -169134
Branches 44429 44428 -1
===========================================
- Hits 479190 344783 -134407
+ Misses 94719 59995 -34724
+ Partials 9650 9647 -3
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall, looks great! I checked all the events against the doc updates, and they all seem to be in good spots in the code.
We definitely should fix the PyLong_FromLong
calls to avoid reference leaks.
I'm also 99% sure that we don't need to check path->object
for NULL
, but if you come back and tell me that we need to then I'll believe you :)
Modules/posixmodule.c
Outdated
@@ -3007,6 +3015,13 @@ os_chmod_impl(PyObject *module, path_t *path, int mode, int dir_fd, | |||
return NULL; | |||
#endif | |||
|
|||
if (PySys_Audit("os.chmod", "OiO", | |||
path->object ? path->object : Py_None, mode, | |||
dir_fd == DEFAULT_DIR_FD ? Py_None : PyLong_FromLong(dir_fd) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We may just need to pick an "obvious" value to pass rather than None here... it's a shame that DEFAULT_DIR_FD is so arbitrary.
I'd rather not have to manage an object's lifetime around the PySys_Audit call. Passing 0
or -1
(assuming those aren't valid FDs? Are they?) would be obvious enough to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
According to documentation from Linux, FreeBSD, macOS and Microsoft C Run-Time Library, file descriptors are non-negative integers, negative values are used to indicate errors, so here we can safely use -1
to indicate that dir_fd
is not specified.
Modules/posixmodule.c
Outdated
@@ -2911,6 +2911,11 @@ os_chdir_impl(PyObject *module, path_t *path) | |||
{ | |||
int result; | |||
|
|||
if (PySys_Audit("os.chdir", "(O)", | |||
path->object ? path->object : Py_None) < 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pretty sure path->object
can't be NULL, right? Have you seen a case where this is not true?
I mean, there isn't another way to provide the path if you don't pass an object in...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see there are a few existing cases where we check it like this, but AFAICT none of them should be necessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For path-like arguments with default values (like os.listdir
and os.scandir
), checking path->object
for NULL
is necessary, otherwise SystemError: NULL object passed to Py_BuildValue
could happen. The audit hooks of os.listdir
and os.scandir
are already doing this.
For path-like arguments without default values, it seems that path->object
could never be NULL
since the argument is required. The audit hook in os.open
does not check path->object
for NULL
, and the os_readlink_impl
function actually assumed that path->object
is not NULL
(otherwise the PyUnicode_Check
call will crash by dereferencing a null pointer).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, that sounds good to me. Thanks!
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated. Once you have made the requested changes, please leave a comment on this pull request containing the phrase |
- Do not use `PyLong_FromLong` - Use -1 when `dir_fd` is not specified - Remove unnecessary NULL checks
I have made the requested changes; please review again. Thanks! |
Thanks for making the requested changes! @zooba: please review the changes made to this pull request. |
Thanks @gousaiyang for the PR, and @zooba for merging it 🌮🎉.. I'm working now to backport this PR to: 3.8. |
Sorry, @gousaiyang and @zooba, I could not cleanly backport this to |
…`resource`, `shutil`, `signal`, `syslog` (pythonGH-18407)
GH-18500 is a backport of this pull request to the 3.8 branch. |
Add audit events to the following functions:
fcntl
andsyslog
msvcrt
,os
andshutil
https://bugs.python.org/issue39184