pickle.py (1,962), tarfile.py (3,171), zipfile/init.py (2,391), shutil.py (1,670), tempfile.py (977), pdb.py (3,707), contextlib.py (797), configparser.py (1,415)
Invalid uid/gid/size/mtime in PAX headers → silently replaced with 0. size=0 truncates extracted files. uid=0 means root ownership. Security-relevant.
typing.py: _tp_cache swallows TypeError from cached function (typing.py:420-423): except TypeError intended for unhashable args also catches TypeError raised inside the function. Double-call with side effects.
typing.py: _collect_protocol_members catches except Exception (typing.py:1891): Too broad for __annotations__ access. Masks broken metaclasses, produces wrong isinstance results.
typing.py: _GenericAlias.__call__ catches except Exception for __orig_class__ (typing.py:1290): Masks bugs in __setattr__.
SocketHandler.send() silently drops log records on network failure (logging/handlers.py:643): OSError caught inside send(), never propagated to emit(). Log records silently lost during network interruptions.
Logging config listener uses eval-like fallback with broad except (logging/config.py:996-1008): dictConfig() failure falls through to fileConfig(). If dictConfig partially cleared handlers, logging system left in inconsistent state.
Pyc validation catches ImportError silently (importlib/_bootstrap_external.py:867): Damaged Python installation silently falls back to source compilation.
put() returns successfully but item never delivered. Silent data loss.except Exception: pass around entire shutdown dispatch. Zombie manager processes.except: pass (multiprocessing/resource_tracker.py:383): Catches SystemExit/KeyboardInterrupt. Leaked system resources go undetected.except Exception: pass around warnings.warn() — leaked resources invisible.
Bare except: in SAX external entity resolution (xml/sax/expatreader.py:427): Catches SystemExit, KeyboardInterrupt, ALL errors during entity parsing. Has FIXME comment acknowledging the problem. Error info completely lost.
Bare except: in email header parser (email/_header_value_parser.py:2544): except: pass catches everything during get_extended_attrtext. Every other get_* call catches HeaderParseError — this is inconsistent.
decode_b() returns inconsistent type on failure (email/_encoded_words.py:136): Returns raw bytes on base64 error, caller decodes with charset → silently garbled text.
_accept_connection2 silently swallows ALL errors unless debug mode (selector_events.py:249-262): When self._debug=False (default), any exception from protocol_factory() or transport creation is completely silenced. Incoming connections vanish. Highest-impact fix — always call call_exception_handler.
_fatal_error discards OSError unless debug mode (5 locations across 4 files): Method named "fatal_error" silently discards the most common real-world transport failures in production. Network problems go unreported.
shutdown_asyncgens checks Exception not BaseException (base_events.py:588-589): gather(return_exceptions=True) returns BaseException instances. Custom BaseException subclasses (e.g., trio.Cancelled) silently lost.
~94,000 lines of Python code across 6 batches covering asyncio, email, xml, http, multiprocessing, concurrent.futures, importlib, logging, typing, argparse, inspect, subprocess, dataclasses, pickle, tarfile, zipfile, shutil, tempfile, pdb, contextlib, configparser.
Lines 1290, 1891, 2141: except Exception: pass used to guard __annotations__ and __orig_class__ access. Masks broken metaclasses, buggy __setattr__, producing wrong isinstance results for Protocol classes.
Narrow to specific exception types (AttributeError, TypeError).
Invalid numeric values in PAX extended headers (uid, gid, size, mtime) are silently replaced with 0 at tarfile.py:1647-1650. For size, this truncates extracted files. For uid, this means root ownership. Security-relevant.
import tarfile, io