pablogsal
diff --git a/‎Doc/data/python3.12.abi.new
Lines changed: 22644 additions & 0 deletions b/‎Doc/data/python3.12.abi.new
Lines changed: 22644 additions & 0 deletions
diff --git a/‎Doc/whatsnew/3.12.rst
Lines changed: 6 additions & 0 deletions b/‎Doc/whatsnew/3.12.rst
Lines changed: 6 additions & 0 deletions
diff --git a/‎Lib/test/test_cmd_line_script.py
Lines changed: 12 additions & 0 deletions b/‎Lib/test/test_cmd_line_script.py
Lines changed: 12 additions & 0 deletions
diff --git a/‎Misc/NEWS.d/next/Core and Builtins/2022-09-27-11-59-13.gh-issue-96670.XrBBit.rst
Lines changed: 2 additions & 0 deletions b/‎Misc/NEWS.d/next/Core and Builtins/2022-09-27-11-59-13.gh-issue-96670.XrBBit.rst
Lines changed: 2 additions & 0 deletions
diff --git a/‎Parser/tokenizer.c
Lines changed: 31 additions & 3 deletions b/‎Parser/tokenizer.c
Lines changed: 31 additions & 3 deletions
diff --git a/‎Python/pythonrun.c
Lines changed: 1 addition & 1 deletion b/‎Python/pythonrun.c
Lines changed: 1 addition & 1 deletion
@@ -86,6 +86,12 @@ Other Language Changes
 * :class:`memoryview` now supports the half-float type (the "e" format code).
   (Contributed by Dong-hee Na and Antoine Pitrou in :gh:`90751`.)
 
+* The parser now raises :exc:`SyntaxError` when parsing source code containing
+  null bytes. (Contributed by Pablo Galindo in :gh:`96670`.)
+
+* :func:`ast.parse` now raises :exc:`SyntaxError` instead of :exc:`ValueError`
+  when parsing source code containing null bytes. (Contributed by Pablo Galindo
+  in :gh:`96670`.)
 
 New Modules
 ===========
 
@@ -657,6 +657,18 @@ def test_syntaxerror_invalid_escape_sequence_multi_line(self):
                 ],
             )
 
+    def test_syntaxerror_null_bytes(self):
+        script = "x = '\0' nothing to see here\n';import os;os.system('echo pwnd')\n"
+        with os_helper.temp_dir() as script_dir:
+            script_name = _make_test_script(script_dir, 'script', script)
+            exitcode, stdout, stderr = assert_python_failure(script_name)
+            self.assertEqual(
+                stderr.splitlines()[-2:],
+                [   b"    x = '",
+                    b'SyntaxError: source code string cannot contain null bytes'
+                ],
+            )
+
     def test_consistent_sys_path_for_direct_execution(self):
         # This test case ensures that the following all give the same
         # sys.path configuration:
 
@@ -0,0 +1,2 @@
+The parser now raises :exc:`SyntaxError` when parsing source code containing
+null bytes. Patch by Pablo Galindo
@@ -378,6 +378,16 @@ tok_reserve_buf(struct tok_state *tok, Py_ssize_t size)
     return 1;
 }
 
+static int
+contains_null_bytes(const char* str, size_t size) {
+    for (size_t i =0; i < size; i++) {
+        if (str[i] == '\0') {
+            return 1;
+        }
+    }
+    return 0;
+}
+
 static int
 tok_readline_recode(struct tok_state *tok) {
     PyObject *line;
@@ -399,6 +409,11 @@ tok_readline_recode(struct tok_state *tok) {
         error_ret(tok);
         goto error;
     }
+    if (contains_null_bytes(buf, buflen)) {
+        tok->line_start = tok->cur;
+        syntaxerror(tok, "source code string cannot contain null bytes");
+        goto error;
+    }
     if (!tok_reserve_buf(tok, buflen + 1)) {
         goto error;
     }
@@ -829,12 +844,25 @@ tok_readline_raw(struct tok_state *tok)
         if (!tok_reserve_buf(tok, BUFSIZ)) {
             return 0;
         }
-        char *line = Py_UniversalNewlineFgets(tok->inp,
-                                              (int)(tok->end - tok->inp),
-                                              tok->fp, NULL);
+        memset(tok->inp, 0, BUFSIZ);
+        int n_chars = (int)(tok->end - tok->inp);
+        char *line = Py_UniversalNewlineFgets(tok->inp, n_chars, tok->fp, NULL);
         if (line == NULL) {
             return 1;
         }
+        
+        // Find the first non null character starting from the right of tok->inp
+        char *last_char = tok->inp + n_chars - 1;
+        while (last_char >= tok->inp && *last_char == '\0') {
+            last_char--;
+        }
+        if (contains_null_bytes(tok->inp, last_char-(tok->inp))) {
+            // Mark the line we just parsed so the tokenizer can report the syntax error correctly
+            tok->line_start = tok->cur;
+            syntaxerror(tok, "source code string cannot contain null bytes");
+            return 0;
+        }
+
         if (tok->fp_interactive &&
             tok_concatenate_interactive_new_line(tok, line) == -1) {
             return 0;
 
@@ -1858,7 +1858,7 @@ _Py_SourceAsString(PyObject *cmd, const char *funcname, const char *what, PyComp
     }
 
     if (strlen(str) != (size_t)size) {
-        PyErr_SetString(PyExc_ValueError,
+        PyErr_SetString(PyExc_SyntaxError,
             "source code string cannot contain null bytes");
         Py_CLEAR(*cmd_copy);
         return NULL;
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	+The parser now raises :exc:`SyntaxError` when parsing source code containing
	`2`	`+null bytes. Patch by Pablo Galindo`
Original file line number	Diff line number	Diff line change
`@@ -1858,7 +1858,7 @@ _Py_SourceAsString(PyObject cmd, const char funcname, const char *what, PyComp`
`1858`	`1858`	`}`
`1859`	`1859`
`1860`	`1860`	`if (strlen(str) != (size_t)size) {`
`1861`		`- PyErr_SetString(PyExc_ValueError,`
	`1861`	`+ PyErr_SetString(PyExc_SyntaxError,`
`1862`	`1862`	`"source code string cannot contain null bytes");`
`1863`	`1863`	`Py_CLEAR(*cmd_copy);`
`1864`	`1864`	`return NULL;`