X Tutup
Skip to content

[3.12] gh-112334: Restore subprocess's use of vfork() & fix extra_groups=[] behavior (GH-112617)#112731

Merged
gpshead merged 2 commits intopython:3.12from
miss-islington:backport-9fe7655-3.12
Dec 4, 2023
Merged

[3.12] gh-112334: Restore subprocess's use of vfork() & fix extra_groups=[] behavior (GH-112617)#112731
gpshead merged 2 commits intopython:3.12from
miss-islington:backport-9fe7655-3.12

Conversation

@miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Dec 4, 2023
edited by gpshead
Loading

Restore subprocess's intended use of vfork() by default for performance on Linux;
also fixes the behavior of extra_groups=[] which was unintentionally broken in 3.12.0:

Fixed a performance regression in 3.12's :mod:subprocess on Linux where it
would no longer use the fast-path vfork() system call when it could have
due to a logic bug, instead falling back to the safe but slower fork().

Also fixed a security bug introduced in 3.12.0. If a value of extra_groups=[]
was passed to :mod:subprocess.Popen or related APIs, the underlying
setgroups(0, NULL) system call to clear the groups list would not be made
in the child process prior to exec().

The security issue was identified via code inspection in the process of
fixing the first bug. Thanks to @vain for the detailed report and
analysis in the initial bug on Github.

(cherry picked from commit 9fe7655)

Co-authored-by: Gregory P. Smith greg@krypto.org
Co-authored-by: Serhiy Storchaka storchaka@gmail.com

The security issue has been assigned CVE-2023-6507.

@gpshead @serhiy-storchaka @miss-islington
pythongh-112334: Restore subprocess's use of vfork() & fix `extra_g…
9cc90e4 
…roups=[]` behavior (pythonGH-112617)

Restore `subprocess`'s intended use of `vfork()` by default for performance on Linux;
also fixes the behavior of `extra_groups=[]` which was unintentionally broken in 3.12.0:

Fixed a performance regression in 3.12's :mod:`subprocess` on Linux where it
would no longer use the fast-path ``vfork()`` system call when it could have
due to a logic bug, instead falling back to the safe but slower ``fork()``.

Also fixed a security bug introduced in 3.12.0.  If a value of ``extra_groups=[]``
was passed to :mod:`subprocess.Popen` or related APIs, the underlying
``setgroups(0, NULL)`` system call to clear the groups list would not be made
in the child process prior to ``exec()``.

The security issue was identified via code inspection in the process of
fixing the first bug.  Thanks to @vain for the detailed report and
analysis in the initial bug on Github.

(cherry picked from commit 9fe7655)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
@bedevere-app bedevere-app bot added the type-bug An unexpected behavior, bug, or error label Dec 4, 2023
@bedevere-app bedevere-app bot mentioned this pull request Dec 4, 2023
Merged
3 tasks
@bedevere-app bedevere-app bot mentioned this pull request Dec 4, 2023
Closed
@gpshead gpshead added release-blocker 3.12 only security fixes labels Dec 4, 2023
@gpshead gpshead self-assigned this Dec 4, 2023
@gpshead
Reword NEWS for the bugfix/security release.
41bef1f 
(mentions the assigned CVE number)
@gpshead gpshead enabled auto-merge (squash) December 4, 2023 23:16
@gpshead gpshead merged commit 85bbfa8 into python:3.12 Dec 4, 2023
@gpshead gpshead added the type-security A security issue label Dec 8, 2023
@miss-islington miss-islington deleted the backport-9fe7655-3.12 branch January 2, 2026 17:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gpshead gpshead gpshead approved these changes

Assignees

@gpshead gpshead

Labels

3.12 only security fixes release-blocker type-bug An unexpected behavior, bug, or error type-security A security issue

Projects

Release and Deferred blockers 🚫
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@miss-islington @gpshead
X Tutup