bpo-39184: Add audit events to functions in fcntl, msvcrt, os, resource, shutil, signal, syslog

[gousaiyang]

Add audit events to the following functions:

• all functions in fcntl and syslog
• file operations in msvcrt, os and shutil
• os.putenv/unsetenv
• os.add_dll_directory
• os.fork/forkpty
• os.kill/killpg
• resource.setrlimit, resource.prlimit
• signal.pthread_kill

https://bugs.python.org/issue39184

[codecov]

Codecov Report

Merging #18407 into master will increase coverage by 1.08%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           master   #18407       +/-   ##
===========================================
+ Coverage   82.11%   83.19%    +1.08%     
===========================================
  Files        1954     1570      -384     
  Lines      583559   414425   -169134     
  Branches    44429    44428        -1     
===========================================
- Hits       479190   344783   -134407     
+ Misses      94719    59995    -34724     
+ Partials     9650     9647        -3     

Impacted Files	Coverage Δ
Lib/_weakrefset.py	59.18% <0.00%> (-0.69%)	⬇️
Lib/test/test_fractions.py	96.70% <0.00%> (-0.28%)	⬇️
Python/codecs.c
Objects/sliceobject.c
Modules/termios.c
Modules/clinic/itertoolsmodule.c.h
Modules/_decimal/libmpdec/numbertheory.c
Modules/md5module.c
Include/internal/pycore_ceval.h
Modules/_posixsubprocess.c
... and 377 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2844336...631f22b. Read the comment docs.

[zooba]

Overall, looks great! I checked all the events against the doc updates, and they all seem to be in good spots in the code.

We definitely should fix the PyLong_FromLong calls to avoid reference leaks.

I'm also 99% sure that we don't need to check path->object for NULL, but if you come back and tell me that we need to then I'll believe you :)

[zooba]

We may just need to pick an "obvious" value to pass rather than None here... it's a shame that DEFAULT_DIR_FD is so arbitrary.

I'd rather not have to manage an object's lifetime around the PySys_Audit call. Passing 0 or -1 (assuming those aren't valid FDs? Are they?) would be obvious enough to me.

[gousaiyang]

According to documentation from Linux, FreeBSD, macOS and Microsoft C Run-Time Library, file descriptors are non-negative integers, negative values are used to indicate errors, so here we can safely use -1 to indicate that dir_fd is not specified.

[zooba]

Pretty sure path->object can't be NULL, right? Have you seen a case where this is not true?

I mean, there isn't another way to provide the path if you don't pass an object in...

[zooba]

I see there are a few existing cases where we check it like this, but AFAICT none of them should be necessary.

[gousaiyang]

For path-like arguments with default values (like os.listdir and os.scandir), checking path->object for NULL is necessary, otherwise SystemError: NULL object passed to Py_BuildValue could happen. The audit hooks of os.listdir and os.scandir are already doing this.
For path-like arguments without default values, it seems that path->object could never be NULL since the argument is required. The audit hook in os.open does not check path->object for NULL, and the os_readlink_impl function actually assumed that path->object is not NULL (otherwise the PyUnicode_Check call will crash by dereferencing a null pointer).

[zooba]

Okay, that sounds good to me. Thanks!

[bedevere-bot]

A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.

Once you have made the requested changes, please leave a comment on this pull request containing the phrase I have made the requested changes; please review again. I will then notify any core developers who have left a review that you're ready for them to take another look at this pull request.

[gousaiyang]

I have made the requested changes; please review again. Thanks!

[bedevere-bot]

Thanks for making the requested changes!

@zooba: please review the changes made to this pull request.

[miss-islington]

Thanks @gousaiyang for the PR, and @zooba for merging it 🌮🎉.. I'm working now to backport this PR to: 3.8.
🐍🍒⛏🤖

[miss-islington]

Sorry, @gousaiyang and @zooba, I could not cleanly backport this to 3.8 due to a conflict.
Please backport using cherry_picker on command line.
cherry_picker 7514f4f6254f4a2d13ea8e5632a8e5f22b637e0b 3.8

[bedevere-bot]

GH-18500 is a backport of this pull request to the 3.8 branch.