Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a rare segfault #5405

Merged
merged 1 commit into from
May 16, 2018
Merged

Fix a rare segfault #5405

merged 1 commit into from
May 16, 2018

Conversation

reaperhulk
Copy link
Contributor

If pip10 is installed and pyopenssl+cryptography are present in the
environment pip's vendored urllib3 will automatically activate its
pyopenssl adapter. This is by design so users can potentially opt-in to
more up-to-date TLS versions than what are provided by their copy of
Python. However, if a user has these packages & subsequently runs
pip install --ignore-installed cryptography then a segfault will occur
due to overwriting an mmap'd shared object.

Fixes #5366

@reaperhulk
Fix a rare segfault
ba80574 
If pip10 is installed and pyopenssl+cryptography are present in the
environment pip's vendored urllib3 will automatically activate its
pyopenssl adapter. This is by design so users can potentially opt-in to
more up-to-date TLS versions than what are provided by their copy of
Python. However, if a user has these packages & subsequently runs
pip install --ignore-installed cryptography then a segfault will occur
due to overwriting an mmap'd shared object.
@njsmith
Copy link
Member

njsmith commented May 15, 2018

Another case that this PR fixes, maybe, I think: conda uses hardlinks to share files between different environments, so if you use pip inside a conda environment and pip rewrites a file in place then it will corrupt other unrelated conda environments. Adding the unlink here fixes that too.

(I'm basing this on a stray comment made by either @msarahan or @jjhelmus today.)

@pradyunsg pradyunsg added the S: needs triage Issues/PRs that need to be triaged label May 16, 2018
@dstufft dstufft added type: bug A confirmed bug or unintended behavior kind: crash For situations where pip crashes and removed S: needs triage Issues/PRs that need to be triaged labels May 16, 2018
@dstufft dstufft merged commit 018f03a into pypa:master May 16, 2018
@jjhelmus
Copy link

Thanks for this fix @reaperhulk. We were applying a similar patch to avoid breaking hard links in the version of pip shipped with Anaconda. Glad to hear that we can drop this in the next release.

@nehaljwani nehaljwani mentioned this pull request Jun 4, 2018
Closed
@nehaljwani nehaljwani mentioned this pull request Aug 1, 2018
Closed
@geofft geofft mentioned this pull request Feb 22, 2019
Closed
@lock
Copy link

lock bot commented Jun 2, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot added the auto-locked Outdated issues that have been locked by automation label Jun 2, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Jun 2, 2019
@chrahunt
Copy link
Member

Also applies to hiredis for pip 9.0.1 as observed in #6233.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
auto-locked Outdated issues that have been locked by automation kind: crash For situations where pip crashes type: bug A confirmed bug or unintended behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

pip10 segfaults when installing cryptography and pyopenssl
6 participants
@reaperhulk @njsmith @jjhelmus @chrahunt @dstufft @pradyunsg