https://github.com/python/cpython/commit/c7d5d1d93b630e352abd9a0c93ea6d34c443f444 commit: c7d5d1d93b630e352abd9a0c93ea6d34c443f444 branch: main author: Pablo Galindo Salgado <[email protected]> committer: ambv <[email protected]> date: 2024-10-09T22:30:56Z summary:
gh-125140: Remove the current directory from sys.path when using pyrepl (GH-125212) Signed-off-by: Pablo Galindo <[email protected]> Co-authored-by: Ćukasz Langa <[email protected]> Co-authored-by: Peter Bierma <[email protected]> files: A Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst M Lib/site.py diff --git a/Lib/site.py b/Lib/site.py index b3194d79fb5ab8..07a6361fad44e5 100644 --- a/Lib/site.py +++ b/Lib/site.py @@ -503,9 +503,14 @@ def register_readline(): if PYTHON_BASIC_REPL: CAN_USE_PYREPL = False else: - import _pyrepl.readline - import _pyrepl.unix_console - from _pyrepl.main import CAN_USE_PYREPL + original_path = sys.path + sys.path = [p for p in original_path if p != ''] + try: + import _pyrepl.readline + import _pyrepl.unix_console + from _pyrepl.main import CAN_USE_PYREPL + finally: + sys.path = original_path except ImportError: return diff --git a/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst new file mode 100644 index 00000000000000..f4a49302372647 --- /dev/null +++ b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst @@ -0,0 +1 @@ +Remove the current directory from ``sys.path`` when using PyREPL. _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/python-checkins.python.org/ Member address: [email protected]
