shutil.which() can return non-executable path starting with 3.12 on Windows #127001
Comments
|
Reverting the entire change is clearly not going to happen - the logic was incorrect before, and apparently is still incorrect, so let's figure out what correct logic for handling PATHEXT would be. |
|
Should not it be fixed by #109590? |
|
Ah, it still checks for file without extension. |
That only handles the "in the same directory" case, and not in different directories, from what I see. But, that issue mentioned PS C:\Users\user> echo $env:PATH
C:\msys64\usr\bin;C:\Windows\System32;C:\Windows
PS C:\Users\user> echo $env:PATHEXT
.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL
PS C:\Users\user> Get-Command cmd
CommandType Name Version Source
----------- ---- ------- ------
Application cmd 0.0.0.0 C:\msys64\usr\bin\cmd
PS C:\Users\user> Get-Command -All cmd
CommandType Name Version Source
----------- ---- ------- ------
Application cmd 0.0.0.0 C:\msys64\usr\bin\cmd
Application cmd.exe 10.0.2610… C:\Windows\System32\cmd.exe |
serhiy-storchaka
added
3.12
|
The right behaviour ought to be "whatever (One explicit exception we make to |
…h() on Windows Name without a PATHEXT extension is only searched if the mode does not include X_OK.
Also CreateProcess prefers "C:\Windows\System32" over PATH, like curl/tar/bash that are in there, which is another can of worms :( Since my initial presented scenario occurs in MSYS2, and it's not quite clear why we have that "cmd" bash script in PATH in the first place, I'm trying to get rid of it instead now :/ |
|
Ouch. Sorry for the regression folks. I wish this was less complicated than it is. I see @serhiy-storchaka has already started on a fix. Thanks all. |
|
There was other bug introduced in #109995: full match did not work for files with multcomponent extension in PATHEXT, (e.g. Other corner case was only discussed in comments: a dot ( |
* Name without a PATHEXT extension is only searched if the mode does not
include X_OK.
* Support multi-component PATHEXT extensions (e.g. ".foo.bar").
* Support files without extensions in PATHEXT contains dot-only extension
(".", "..", etc).
* Support PATHEXT extensions that end with a dot (e.g. ".foo.").
…honGH-127035) * Name without a PATHEXT extension is only searched if the mode does not include X_OK. * Support multi-component PATHEXT extensions (e.g. ".foo.bar"). * Support files without extensions in PATHEXT contains dot-only extension (".", "..", etc). * Support PATHEXT extensions that end with a dot (e.g. ".foo."). (cherry picked from commit 8899e85) Co-authored-by: Serhiy Storchaka <[email protected]>
…ws (pythonGH-127035) * Name without a PATHEXT extension is only searched if the mode does not include X_OK. * Support multi-component PATHEXT extensions (e.g. ".foo.bar"). * Support files without extensions in PATHEXT contains dot-only extension (".", "..", etc). * Support PATHEXT extensions that end with a dot (e.g. ".foo."). (cherry picked from commit 8899e85) Co-authored-by: Serhiy Storchaka <[email protected]>
…-127035) (GH-127156) * Name without a PATHEXT extension is only searched if the mode does not include X_OK. * Support multi-component PATHEXT extensions (e.g. ".foo.bar"). * Support files without extensions in PATHEXT contains dot-only extension (".", "..", etc). * Support PATHEXT extensions that end with a dot (e.g. ".foo."). (cherry picked from commit 8899e85) Co-authored-by: Serhiy Storchaka <[email protected]>
…-127035) (GH-127158) * Name without a PATHEXT extension is only searched if the mode does not include X_OK. * Support multi-component PATHEXT extensions (e.g. ".foo.bar"). * Support files without extensions in PATHEXT contains dot-only extension (".", "..", etc). * Support PATHEXT extensions that end with a dot (e.g. ".foo."). (cherry picked from commit 8899e85)
|
I can confirm that this fixes things for my use case. Thanks everyone! |
Python 3.12 made some changes to how `shutil.which` functions that caused shell scripts like gvmap.sh to now be detectable on Windows. 97b0c0b explains some of the backstory to this. 18ebd12 fixed various CI failures that began occurring when this Python change propagated to MinGW in CI. CI has now started once again failing on MinGW. Inspecting the diff between a passing and failing run reveals Python has moved from 3.12.7-2 to 3.12.7-3. The diff between these two appears to be the backporting of a claimed fix to `shutil.which`.¹ Discussion of the underlying issue² seems to point to significant disagreement between Python contributors on what the desirable behavior of `shutil.which` is in these scenarios. It is also not clear to me how gvmap.sh ends up non-executable (and thus affected by this) given its CMake installation rule seems to add executability. Rather than trying to continue accommodating Python changing its `shutil.which` semantics, this change skips testing of this scenario. ¹ msys2/MINGW-packages@32bd97e ² python/cpython#127001
Bug report
Bug description:
Starting with Python 3.12 if a file is in PATH that does not end with PATHEXT, but happens to be named the same as the searched command it is returned instead of the real command later in PATH which includes PATHEXT.
I have verified that this change was introduced with #103179 and reverting it fixes the issue.
@csm10495 ^
Downstream context: mesonbuild/meson#13886
CPython versions tested on:
3.12
Operating systems tested on:
Windows
Linked PRs
The text was updated successfully, but these errors were encountered: