relocate broken with python 3.12.8 #37
Description
The CVE-2024-9287 fix included in python 3.12.8 is breaking the relocate feature.
python 3.12.6 activation script:
# on Windows, a path can contain colons and backslashes and has to be converted:
if [ "${OSTYPE:-}" = "cygwin" ] || [ "${OSTYPE:-}" = "msys" ] ; then
# transform D:\path\to\venv to /d/path/to/venv on MSYS
# and to /cygdrive/d/path/to/venv on Cygwin
export VIRTUAL_ENV=$(cygpath "/tmp/tmp.INbM468TTf")
else
# use the path as-is
export VIRTUAL_ENV="/tmp/tmp.INbM468TTf"
fi
python 3.12.8 activation script:
# on Windows, a path can contain colons and backslashes and has to be converted:
if [ "${OSTYPE:-}" = "cygwin" ] || [ "${OSTYPE:-}" = "msys" ] ; then
# transform D:\path\to\venv to /d/path/to/venv on MSYS
# and to /cygdrive/d/path/to/venv on Cygwin
export VIRTUAL_ENV=$(cygpath /tmp/tmp.INbM468TTf)
else
# use the path as-is
export VIRTUAL_ENV=/tmp/tmp.INbM468TTf
fi
The quotes are gone and seems to break the regex.
The regex will now match $(cygpath /tmp/tmp.INbM468TTf) instead of /tmp/tmp.INbM468TTf because it does not contains quotes anymore.
The upstream patch:
python/cpython#126185
The upstream issue:
python/cpython#124651