[issue2004] tarfile extractall() allows local attacker to overwrite files while extracting

Martin v. Löwis added the comment: Lars, can you take a look? -- assignee: - lars.gustaebel nosy: +lars.gustaebel, loewis __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2004 __

[issue1976] pybsddb leak in using cursors

Gregory P. Smith added the comment: Fix committed as r60544 in trunk and r60545 in release25-maint. i assume it'll be merged into py3k in the regular py3k merge sweeps. -- resolution: - accepted status: open - closed versions: +Python 2.5, Python 2.6

[issue2003] Incorrect definition of new-style class

Georg Brandl added the comment: Thanks for the delightful analysis! Fixed in r60550 :) -- nosy: +georg.brandl resolution: - fixed status: open - closed __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2003 __

[issue2002] Make int() fall back to trunc()

Jeffrey Yasskin added the comment: There is also part of this patch that touches classobject.c but I'm not yet sure what the visible effect of that change would be or what the change was hoping to accomplish. All classic classes take the (m m-nb_int) branch, so without the change to

[issue1692335] Fix exception pickling: Move initial args assignment to BaseException.__new__

Martin v. Löwis added the comment: I tested exception_pickling_25.diff, and it may break existing code. In 2.5.1, Exception(Hello,4).__reduce__() gives (type 'exceptions.Exception', ('Hello', 4)) With the patch, it gives TypeError: can't pickle Exception objects IMO, that is an unacceptable

[issue2005] posixmodule expects sizeof(pid_t/gid_t/uid_t) = sizeof(long)

New submission from Christian Heimes: The posix module except that a pid_t, uid_t and gid_t always fit into a long or can be parsed by i. On some OSes and combination of 64bit typess and 32bit long it's an invalid assumption. The code should use long long where available or at least do some

[issue2004] tarfile extractall() allows local attacker to overwrite files while extracting

Changes by Christian Heimes: -- priority: - high versions: +Python 2.6, Python 3.0 __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2004 __ ___ Python-bugs-list mailing

[issue2001] Pydoc interactive browsing enhancement

Changes by Giampaolo Rodola': -- nosy: +giampaolo.rodola __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2001 __ ___ Python-bugs-list mailing list Unsubscribe:

[issue1941] 2.6 stdlib using with statement

Benjamin Peterson added the comment: I could break this patch into per-module patches. Then as authors approved them, they could gradually be committed. __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue1941 __

[issue1682] Move Demo/classes/Rat.py to Lib/rational.py and fix it up.

Guido van Rossum added the comment: FWIW, if Rational(Decimal(...)) is to be accepted, then Decimal(Rational(...)) should also be accepted, and arguably mixed binary operations as well (Rational(...) + Decimal(...) etc.). -- assignee: gvanrossum - jyasskin

[issue2002] Make int() fall back to trunc()

Raymond Hettinger added the comment: Go for it. -- assignee: gvanrossum - jyasskin resolution: - accepted __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2002 __ ___

[issue1682] Move Demo/classes/Rat.py to Lib/rational.py and fix it up.

Raymond Hettinger added the comment: I would rather drop it than see that mess. FWIW, there is a difference. Rational(Decimal(...)) takes place without reference to a decimal.Context and is always lossless. In contrast, Decimal(Rational(...)) is context sensitive (the division is subject

[issue2002] Make int() fall back to trunc()

Guido van Rossum added the comment: Guido, are these basically the mechanics you intended? All calls to PyNumber_Int() and PyNumber_Long() attempt the usual path and if those would fail, it tries __trunc__ if it exists and coerces the result of that call back to an int or long. Yes, that's

[issue2002] Make int() fall back to trunc()

Jeffrey Yasskin added the comment: Submitted as r60566. -- status: open - closed __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2002 __ ___ Python-bugs-list mailing

[issue2006] asyncore loop lacks timers and work tasks

Bill Janssen added the comment: Looks like Giampaolo has already submitted a patch for part of this, in http://bugs.python.org/issue1641 -- nosy: +giampaolo.rodola, josiahcarlson __ Tracker [EMAIL PROTECTED] http://bugs.python.org/issue2006

[issue909005] asyncore fixes and improvements

Bill Janssen added the comment: I should point out that I'm doing a big project with SSL and Python, using Medusa, and asyncore. I've been re-working the 2.6 and 3.x SSL support (with guidance from Giampolo :-) so that true async capability is possible for SSL. -- nosy: +janssen

[issue2006] asyncore loop lacks timers and work tasks

New submission from Bill Janssen: I've been reading asyncore lately, and feel that it's showing its age. Most loops of this sort (we developed something similar for ILU, about 15 years ago) contain handlers for timers and work tasks, in addition to input handling. For timers, typically there's

[issue1953] Compact int and float freelists

Neal Norwitz added the comment: I think sys is appropriate for clearing the cache. Lib/test/regrtest.py still has a reference to gc rather than sys. Why do the CompactFreeList APIs return an int that is always 0? Seems like they should return a real value or be void. I'm not sure why you

[issue1750076] Python 2.5+ skips while statements in debuggers

Neal Norwitz added the comment: I was hoping you could get rid of my entire hack. I didn't (still don't) completely understand the intention of the code, so can't really offer any more advice. IMO, the patch is an improvement so you should check it in. -- assignee: nnorwitz -