Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Stephen J. Turnbull]

Joao S. O. Bueno writes:

 > I don't think this behavior is only desirable to unit tests: having
 > URL's been formed in predictable way  a good thing in any way one
 > thinks about it.

Especially if you're a hacker.  One more thing you may be able to use
against careless sites that don't expect the unexpected to occur in
URLs.

I'm not saying this is a bad thing, but we should remember that the
whole point of PYTHONHASHSEED is that regularities can be exploited
for devious and malicious purposes, and reducing regularity makes many
attacks more difficult.  "*Any* way one thinks about it" is far too
strong a claim.

Steve




___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Joao S. O. Bueno]

On 17 August 2012 18:52, Chris Angelico  wrote:
> On Sat, Aug 18, 2012 at 5:27 AM, Guido van Rossum  wrote:
>> I just fixed a unittest for some code used at Google that was
>> comparing a url generated by urllib.encode() to a fixed string. The
>> problem was caused by turning on PYTHONHASHSEED=1. Because of this,
>> the code under test would generate a textually different URL each time
>> the test was run, but the intention of the test was just to check that
>> all the query parameters were present and equal to the expected
>> values.
>>
>>
>> query = sorted(query.items())
>
> Hmm. ISTM this is putting priority on the unit test above the
> functionality of actual usage. Although on the other hand, sorting
> parameters on a URL is nothing compared to the cost of network
> traffic, so it's unlikely to be significant.
>

I don't think this behavior is only desirable to unit tests: having
URL's been formed in predictable way  a good thing in any way one
thinks about it.

   js
  -><-

> Chris Angelico
>
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Chris Angelico]

On Sat, Aug 18, 2012 at 5:27 AM, Guido van Rossum  wrote:
> I just fixed a unittest for some code used at Google that was
> comparing a url generated by urllib.encode() to a fixed string. The
> problem was caused by turning on PYTHONHASHSEED=1. Because of this,
> the code under test would generate a textually different URL each time
> the test was run, but the intention of the test was just to check that
> all the query parameters were present and equal to the expected
> values.
>
>
> query = sorted(query.items())

Hmm. ISTM this is putting priority on the unit test above the
functionality of actual usage. Although on the other hand, sorting
parameters on a URL is nothing compared to the cost of network
traffic, so it's unlikely to be significant.

Chris Angelico
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Guido van Rossum]

Thanks, I filed http://bugs.python.org/issue15719 to track this.

On Fri, Aug 17, 2012 at 12:50 PM, "Martin v. Löwis"  wrote:
> On 17.08.2012 21:27, Guido van Rossum wrote:
>> query = sorted(query.items())
>>
>> This would not prevent breakage of unit tests, but it would make a
>> much simpler fix possible: simply sort the parameters in the URL.
>>
>> Thoughts?
>
> Sounds good. For best backwards compatibility, I'd restrict the sorting
> to the exact dict type, since people may be using non-dict mappings
> which already have a different stable order.
>
>> for all versions of Python that support PYTHONHASHSEED?
>
> I think this cannot be done, in particular not for 2.6 and 3.1 - it's
> not a security fix (*).
>
> Strictly speaking, it isn't even a bug fix, since it doesn't restore
> the original behavior that some people (like your test case) relied
> on. In particular, if somebody has fixed PYTHONHASHSEED to get a stable
> order, this change would break such installations. By that policy, it
> could only go into 3.4.
>
> OTOH, if it also checked whether there is randomized hashing, and sort
> only in that case, I think it should be backwards compatible in all
> interesting cases.
>
> Regards,
> Martin
>
> (*) I guess some may claim that the current implementation leaks
> some bits of the hash seed, since you can learn the seed from
> the parameter order, so sorting would make it more secure. However,
> I would disagree that this constitutes a feasible threat.



-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Martin v. Löwis]

On 17.08.2012 21:27, Guido van Rossum wrote:
> query = sorted(query.items())
>
> This would not prevent breakage of unit tests, but it would make a
> much simpler fix possible: simply sort the parameters in the URL.
>
> Thoughts?

Sounds good. For best backwards compatibility, I'd restrict the sorting
to the exact dict type, since people may be using non-dict mappings
which already have a different stable order.

> for all versions of Python that support PYTHONHASHSEED?

I think this cannot be done, in particular not for 2.6 and 3.1 - it's
not a security fix (*).

Strictly speaking, it isn't even a bug fix, since it doesn't restore
the original behavior that some people (like your test case) relied
on. In particular, if somebody has fixed PYTHONHASHSEED to get a stable
order, this change would break such installations. By that policy, it
could only go into 3.4.

OTOH, if it also checked whether there is randomized hashing, and sort
only in that case, I think it should be backwards compatible in all
interesting cases.

Regards,
Martin

(*) I guess some may claim that the current implementation leaks
some bits of the hash seed, since you can learn the seed from
the parameter order, so sorting would make it more secure. However,
I would disagree that this constitutes a feasible threat.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Daniel Holth]

Only if it is not an OrderedDict

> query = sorted(query.items())
>
> This would not prevent breakage of unit tests, but it would make a
> much simpler fix possible: simply sort the parameters in the URL.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?

[Guido van Rossum]

I just fixed a unittest for some code used at Google that was
comparing a url generated by urllib.encode() to a fixed string. The
problem was caused by turning on PYTHONHASHSEED=1. Because of this,
the code under test would generate a textually different URL each time
the test was run, but the intention of the test was just to check that
all the query parameters were present and equal to the expected
values.

The solution was somewhat painful, I had to parse the url, split the
query parameters, and compare them to a known dict.

I wonder if it wouldn't make sense to change urlencode() to generate
URLs that don't depend on the hash order, for all versions of Python
that support PYTHONHASHSEED? It seems a one-line fix:

query = query.items()

with this:

query = sorted(query.items())

This would not prevent breakage of unit tests, but it would make a
much simpler fix possible: simply sort the parameters in the URL.

Thoughts?

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Mountain Lion drops sign of zero, breaks test_cmath...

[Trent Nelson]

On Fri, Aug 17, 2012 at 06:50:09AM -0700, Stefan Krah wrote:
> R. David Murray  wrote:
> > > --- a/Lib/test/test_cmath.pyThu Aug 16 22:14:43 2012 +0200
> > > +++ b/Lib/test/test_cmath.pyFri Aug 17 07:54:05 2012 +
> > 
> > Open an issue on the tracker and make mark.dickinson (and maybe skrah)
> > nosy.
> 
> I think this issue covers the problem:
> 
> http://bugs.python.org/issue15477

Ah!  I'll update that with my notes.  (FWIW, I've changed my mind; I
think the correct action is to remove the erroneous entries from the
test file, rather than patch rAssertAlmostEqual.)

Trent.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Summary of Python tracker Issues

[Python tracker]

ACTIVITY SUMMARY (2012-08-10 - 2012-08-17)
Python tracker at http://bugs.python.org/

To view or respond to any of the issues listed below, click on the issue.
Do NOT respond to this message.

Issues counts and deltas:
  open3640 (+52)
  closed 23856 (+48)
  total  27496 (+100)

Open issues with patches: 1584 


Issues opened (80)
==

#15623: Init time relative imports no longer work from __init__.so mod
http://bugs.python.org/issue15623  opened by scoder

#15625: Support u and w codes in memoryview
http://bugs.python.org/issue15625  opened by loewis

#15626: unittest.main negates -bb option and programmatic warning conf
http://bugs.python.org/issue15626  opened by Ben.Darnell

#15627: Add a method to importlib.abc.SourceLoader for converting sour
http://bugs.python.org/issue15627  opened by brett.cannon

#15629: Run doctests in Doc/*.rst as part of regrtest
http://bugs.python.org/issue15629  opened by cjerdonek

#15631: Python 3.3 beta 1 installation issue lib/lib64 folders
http://bugs.python.org/issue15631  opened by ita1024

#15632: regrtest.py: spurious leaks with -R option
http://bugs.python.org/issue15632  opened by skrah

#15633: httplib.response is not closed after all data has been read
http://bugs.python.org/issue15633  opened by Nikratio

#15634: synchronized decorator for the threading module
http://bugs.python.org/issue15634  opened by jjdominguezm

#15636: base64.decodebytes is only available in Python3.1+
http://bugs.python.org/issue15636  opened by lurchman

#15637: Segfault reading null VMA (works fine in python 2.x)
http://bugs.python.org/issue15637  opened by albertomilone

#15639: csv.Error description is incorrectly broad
http://bugs.python.org/issue15639  opened by xmorel

#15640: Document importlib.abc.Finder as deprecated
http://bugs.python.org/issue15640  opened by brett.cannon

#15641: Clean up importlib for Python 3.4
http://bugs.python.org/issue15641  opened by brett.cannon

#15642: Integrate pickle protocol version 4 GSoC work by Stefan Mihail
http://bugs.python.org/issue15642  opened by alexandre.vassalotti

#15643: Support OpenCSW in setup.py
http://bugs.python.org/issue15643  opened by flub

#15645: 2to3 Grammar pickles not created when upgrading to 3.3.0b2
http://bugs.python.org/issue15645  opened by stefanholek

#15648: stderr "refs" output does not respect PYTHONIOENCODING
http://bugs.python.org/issue15648  opened by cjerdonek

#15649: subprocess.Popen.communicate: accept str for input parameter i
http://bugs.python.org/issue15649  opened by asvetlov

#15650: PEP 3121, 384 refactoring applied to dbm module
http://bugs.python.org/issue15650  opened by Robin.Schreiber

#15651: PEP 3121, 384 refactoring applied to elementtree module
http://bugs.python.org/issue15651  opened by Robin.Schreiber

#15652: PEP 3121, 384 refactoring applied to gdbm module
http://bugs.python.org/issue15652  opened by Robin.Schreiber

#15653: PEP 3121, 384 refactoring applied to hashopenssl module
http://bugs.python.org/issue15653  opened by Robin.Schreiber

#15654: PEP 384 Refactoring applied to bz2 module
http://bugs.python.org/issue15654  opened by Robin.Schreiber

#15655: PEP 384 Refactoring applied to json module
http://bugs.python.org/issue15655  opened by Robin.Schreiber

#15657: Error in Python 3 docs for PyMethodDef
http://bugs.python.org/issue15657  opened by sandro.tosi

#15660: In str.format there is a misleading error message about alignm
http://bugs.python.org/issue15660  opened by py.user

#15661: OS X installer packages should be signed for OS X 10.8 Gatekee
http://bugs.python.org/issue15661  opened by ned.deily

#15662: PEP 3121 refactoring applied to locale module
http://bugs.python.org/issue15662  opened by Robin.Schreiber

#15663: Investigate providing Tcl/Tk 8.5 with OS X installers
http://bugs.python.org/issue15663  opened by ned.deily

#15665: PEP 3121, 384 refactoring applied to lsprof module
http://bugs.python.org/issue15665  opened by Robin.Schreiber

#15666: PEP 3121, 384 refactoring applied to lzma module
http://bugs.python.org/issue15666  opened by Robin.Schreiber

#15667: PEP 3121, 384 refactoring applied to pickle module
http://bugs.python.org/issue15667  opened by Robin.Schreiber

#15668: PEP 3121, 384 Refactoring applied to random module
http://bugs.python.org/issue15668  opened by Robin.Schreiber

#15669: PEP 3121, 384 Refactoring applied to sre module
http://bugs.python.org/issue15669  opened by Robin.Schreiber

#15670: PEP 3121, 384 Refactoring applied to ssl module
http://bugs.python.org/issue15670  opened by Robin.Schreiber

#15671: PEP 3121, 384 Refactoring applied to struct module
http://bugs.python.org/issue15671  opened by Robin.Schreiber

#15672: PEP 3121, 384 Refactoring applied to testbuffer module
http://bugs.python.org/issue15672  opened by Robin.Schreiber

#15673: PEP 3121, 384 Refactoring applied to testcapi module
http://bugs.python.org/issue15673  opened by Robin.Schreiber

#15674: PEP 3121, 384 Refactoring applied to thread mod

Re: [Python-Dev] Mountain Lion drops sign of zero, breaks test_cmath...

[Stefan Krah]

R. David Murray  wrote:
> > --- a/Lib/test/test_cmath.pyThu Aug 16 22:14:43 2012 +0200
> > +++ b/Lib/test/test_cmath.pyFri Aug 17 07:54:05 2012 +
> 
> Open an issue on the tracker and make mark.dickinson (and maybe skrah)
> nosy.

I think this issue covers the problem:

http://bugs.python.org/issue15477


Stefan Krah


___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Mountain Lion drops sign of zero, breaks test_cmath...

[R. David Murray]

On Fri, 17 Aug 2012 04:00:50 -0400, Trent Nelson  wrote:
> This is the patch I came up with against test_cmath.py:
> 
> xenon% hg diff Lib/test/test_cmath.py
> diff -r ce49599b9fdf Lib/test/test_cmath.py
> --- a/Lib/test/test_cmath.pyThu Aug 16 22:14:43 2012 +0200
> +++ b/Lib/test/test_cmath.pyFri Aug 17 07:54:05 2012 +
> @@ -121,8 +121,10 @@
>  # if both a and b are zero, check whether they have the same sign
>  # (in theory there are examples where it would be legitimate for a
>  # and b to have opposite signs; in practice these hardly ever
> -# occur).
> -if not a and not b:
> +# occur) -- the exception to this is if we're on a system that drops
> +# the sign on zeros.
> +drops_zero_sign = sysconfig.get_config_var('LOG1P_DROPS_ZERO_SIGN')
> +if not drops_zero_sign and not a and not b:
>  if math.copysign(1., a) != math.copysign(1., b):
>  self.fail(msg or 'zero has wrong sign: expected {!r}, '
>'got {!r}'.format(a, b))
> 
> With that applied, all the test_cmath tests pass again (without any
> changes to the test file).
> 
> Thoughts?

Open an issue on the tracker and make mark.dickinson (and maybe skrah)
nosy.

--David
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Mountain Lion drops sign of zero, breaks test_cmath...

[Trent Nelson]

The Mountain Lion build slave I set up earlier this evening fails on
test_cmath:

==
FAIL: test_specific_values (test.test_cmath.CMathTests)
--
Traceback (most recent call last):
  File 
"/Volumes/bay2/buildslave/cpython/2.7.snakebite-mountainlion-amd64/build/Lib/test/test_cmath.py",
 line 352, in test_specific_values
msg=error_message)
  File 
"/Volumes/bay2/buildslave/cpython/2.7.snakebite-mountainlion-amd64/build/Lib/test/test_cmath.py",
 line 94, in rAssertAlmostEqual
'got {!r}'.format(a, b))
AssertionError: atan: atan(complex(0.0, 0.0))
Expected: complex(0.0, 0.0)
Received: complex(0.0, -0.0)
Received value insufficiently close to expected value.

Mountain Lion's atan/log1p appear to drop the negative sign when
passed in -0.0, whereas previous versions of OS X didn't:

Mountain Lion:
% ~/log1p-viper 

log1p_drops_zero_sign_test:
atan2(log1p(-0.), -1.) != atan2(-0., -1.)
  3.14159 vs  -3.14159

atan_drops_zero_sign_test:
atan2(-0.,  0.): -0.0
atan2( 0., -0.): 3.14159
atan2(-0., -0.): -3.14159
atan2( 0.,  0.): 0.0
log1p(-0.):  0.0
log1p( 0.):  0.0

Lion:
% ./log1p

log1p_drops_zero_sign_test:
atan2(log1p(-0.), -1.) == atan2(-0., -1.)
  -3.14159 vs  -3.14159

atan_drops_zero_sign_test:
atan2(-0.,  0.): -0.0
atan2( 0., -0.): 3.14159
atan2(-0., -0.): -3.14159
atan2( 0.,  0.): 0.0
log1p(-0.):  -0.0
log1p( 0.):  0.0

(The C code for that is below.)

configure.ac already has a test for this (it makes mention of AIX
having similar behaviour), and the corresponding sysconfig entry
named 'LOG1P_DROPS_ZERO_SIGN' is already being used on a few tests,
i.e.:


  # The algorithm used for atan and atanh makes use of the system
  # log1p function; If that system function doesn't respect the sign
  # of zero, then atan and atanh will also have difficulties with
  # the sign of complex zeros.
  @requires_IEEE_754
  @unittest.skipIf(sysconfig.get_config_var('LOG1P_DROPS_ZERO_SIGN'),
   "system log1p() function doesn't preserve the sign")
  def testAtanSign(self):
  for z in complex_zeros:
  self.assertComplexIdentical(cmath.atan(z), z)

  @requires_IEEE_754
  @unittest.skipIf(sysconfig.get_config_var('LOG1P_DROPS_ZERO_SIGN'),
   "system log1p() function doesn't preserve the sign")
  def testAtanhSign(self):
  for z in complex_zeros:
  self.assertComplexIdentical(cmath.atanh(z), z)

Taking a look at cmath_testcases.txt, and we can see this:

-- These are tested in testAtanSign in test_cmath.py
-- atan atan 0.0 0.0 -> 0.0 0.0
-- atan0001 atan 0.0 -0.0 -> 0.0 -0.0
-- atan0002 atan -0.0 0.0 -> -0.0 0.0
-- atan0003 atan -0.0 -0.0 -> -0.0 -0.0

However, a few lines down, those tests crop up again:

-- special values
atan1000 atan -0.0 0.0 -> -0.0 0.0

atan1014 atan 0.0 0.0 -> 0.0 0.0

which is what causes the current test failures.  I hacked
test_cmath.py a bit to spit out all the errors it finds after
it's finished parsing the test file (instead of bombing out on
the first one), and it yielded this:

FAIL: test_specific_values (test.test_cmath.CMathTests)
--
Traceback (most recent call last):
  File 
"/Volumes/bay2/buildslave/cpython/3.2.snakebite-mountainlion-amd64/build/Lib/test/test_cmath.py",
 line 446, in test_specific_values
self.fail("\n".join(failures))
AssertionError: atan1000: atan(complex(-0.0, 0.0))
Expected: complex(-0.0, 0.0)
Received: complex(-0.0, -0.0)
Received value insufficiently close to expected value.
atan1014: atan(complex(0.0, 0.0))
Expected: complex(0.0, 0.0)
Received: complex(0.0, -0.0)
Received value insufficiently close to expected value.
atanh0225: atanh(complex(-0.0, 5.6067e-320))
Expected: complex(-0.0, 5.6067e-320)
Received: complex(0.0, 5.6067e-320)
Received value insufficiently close to expected value.
atanh0227: atanh(complex(-0.0, -3.0861101e-316))
Expected: complex(-0.0, -3.0861101e-316)
Received: complex(0.0, -3.0861101e-316)
Received value ins