From fc45ea36e32f1ca77bc79a22e3902ec35c1fcc32 Mon Sep 17 00:00:00 2001 From: Pablo Galindo Salgado Date: Wed, 9 Oct 2024 23:30:56 +0100 Subject: [PATCH] gh-125140: Remove the current directory from sys.path when using pyrepl (GH-125212) (cherry picked from commit c7d5d1d93b630e352abd9a0c93ea6d34c443f444) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Pablo Galindo Salgado Signed-off-by: Pablo Galindo Co-authored-by: Ɓukasz Langa Co-authored-by: Peter Bierma --- Lib/site.py | 11 ++++++++--- .../2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst | 1 + 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst diff --git a/Lib/site.py b/Lib/site.py index d31bc772334151..34e7d19f376cc6 100644 --- a/Lib/site.py +++ b/Lib/site.py @@ -503,9 +503,14 @@ def register_readline(): if PYTHON_BASIC_REPL: CAN_USE_PYREPL = False else: - import _pyrepl.readline - import _pyrepl.unix_console - from _pyrepl.main import CAN_USE_PYREPL + original_path = sys.path + sys.path = [p for p in original_path if p != ''] + try: + import _pyrepl.readline + import _pyrepl.unix_console + from _pyrepl.main import CAN_USE_PYREPL + finally: + sys.path = original_path except ImportError: return diff --git a/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst new file mode 100644 index 00000000000000..f4a49302372647 --- /dev/null +++ b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst @@ -0,0 +1 @@ +Remove the current directory from ``sys.path`` when using PyREPL.