Jared Grubb [EMAIL PROTECTED] added the comment:
Yes, but exec(string) also gives a syntax error for \r\n:
exec('x=1\r\nprint x')
The only explanation I could find for ONLY permitting \n as newlines in
exec(string) comes from PEP278: There is no support for universal
newlines in strings
Guido van Rossum [EMAIL PROTECTED] added the comment:
I recommend that you only care about \n and consider everything else
unspecified.
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2182
__
Jared Grubb [EMAIL PROTECTED] added the comment:
I actually hadnt thought of that. PyPy should actually use universal
newlines to its advantage; after all, it IS written in Python... Thanks
for the suggestion!
In any case, I wanted to get this bug about the standard library in your
record, in
Trent Nelson [EMAIL PROTECTED] added the comment:
Invested quite a few cycles on this issue last night. The more time I
spent on it, the more I became convinced that every single test working
with sockets should be changed in one fell swoop in order to facilitate
(virtually unlimited)
Benjamin Peterson [EMAIL PROTECTED] added the comment:
Ok, we'll see what we can do.
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2574
__
___
Python-bugs-list mailing list
New submission from Anand B Pillai [EMAIL PROTECTED]:
Unpickling of range objects is throwing an exception in Python 3.0
--
components: Interpreter Core, Library (Lib)
files: bugdemo.py
messages: 65157
nosy: pythonhacker
severity: normal
status: open
title: Unpickling of range objects
Tarek Ziadé [EMAIL PROTECTED] added the comment:
For writing the metadata, we don't need to make any assumptions. We
can just write the bytes as-is. This is how distutils has behaved
for many releases now, and this is how users have been using it.
But write_pkg_file will use ascii encoding
Trent Nelson [EMAIL PROTECTED] added the comment:
Ahh, more FreeBSD threading woes. If no-one beats me to it, I'll be
able to start taking a look at this when our FreeBSD 7 server is up in
a week or so.
--
assignee: - Trent.Nelson
nosy: +Trent.Nelson
Trent Nelson [EMAIL PROTECTED] added the comment:
+1 from me on principle (haven't tested).
--
nosy: +Trent.Nelson
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2563
__
Guilherme Polo [EMAIL PROTECTED] added the comment:
Hi Trent,
FreeBSD 7 uses libthr as default, which would possibly eliminate this
problem.
--
nosy: +gpolo
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2564
__
New submission from monk.e.boy [EMAIL PROTECTED]:
Hi,
This is my first problem with anything Python :-) and my first issue.
Doing in the following:
urlparse.urljoin( 'http://site.com/', '../../../../path/' )
'http://site.com/../../../../path/'
urlparse.urljoin( 'http://site.com/',
Trent Nelson [EMAIL PROTECTED] added the comment:
Re-assigned this to myself (hope you don't mind janssen ;-) as I'm
actively looking into it. We build openssl.exe as part of our Windows
build so we should make an effort to use this where possible. Note
that there is definitely a problem
Changes by Trent Nelson [EMAIL PROTECTED]:
--
nosy: +Trent.Nelson
_
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue1220212
_
___
Python-bugs-list mailing list
Christian Heimes [EMAIL PROTECTED] added the comment:
Yes, it's me ;)
I'm +1 on the feature but I haven't reviewed your patch. IIRC and unless
I'm not mistaken you can tell the linker to embed the manifest without
the extra mt.exe dance.
__
Tracker [EMAIL
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
I think that this problem is not FreeBSD specific:
- import test.autotest runs the whole test suite as a side-effect of
an import statement.
- in the test suite test_capi spawns threads, which also import.
- a lock ensues...
See for
Nick Coghlan [EMAIL PROTECTED] added the comment:
Running the interactive interpreter like that places the current
directory on sys.path, so it *is* doing an absolute import of your
pseudo email package. (If it didn't do that, your test would fail at the
import foo line)
Instead of cd'ing into
New submission from Tim Wilcoxson [EMAIL PROTECTED]:
According to the documentation there is not suppose to be numeric
overflow in python 2.5. However
If you run a for loop with the range(1, 3)a couple of times (for
me 2 or 3 times worked) in the IDLE (1.2.2)GUI . It will cause what
New submission from djc [EMAIL PROTECTED]:
[EMAIL PROTECTED] tests $ python2.6
Python 2.6a2+ (trunk, Apr 4 2008, 20:21:45)
[GCC 4.1.2 20070214 ( (gdc 0.24, using dmd 1.020)) (Gentoo 4.1.2
p1.0.2)] on linux2
Type help, copyright, credits or license for more information.
import urllib2
try:
Alexander Belopolsky [EMAIL PROTECTED] added the comment:
Python-3000 discussion http://mail.python.org/pipermail/python-
3000/2008-March/012753.html did not reveal any opposition to the idea
of batch processing of dict displays. However, a compromise suggestion
was made to limit batches to
Bill Janssen [EMAIL PROTECTED] added the comment:
Fine with me. I don't have a checkout of the code handy, but I believe
this is obsolete test code. All the SSL tests are, or should be, in
test_ssl, for 2.6 and 3.x. The right fix is to remove it.
__
Tracker
New submission from Justin Ferguson [EMAIL PROTECTED]:
The zlib module in multiple places fails to adequately check the sanity
of its arguments resulting in memory corruption, please see two attached
PoCs.
--
components: Extension Modules
files:
Changes by Justin Ferguson [EMAIL PROTECTED]:
Added file:
http://bugs.python.org/file9984/python-2.5.2-zlib-unflush-signedness.py
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2586
__
New submission from Justin Ferguson [EMAIL PROTECTED]:
The PyString_FromStringAndSize() function takes a pointer and signed
integer as input parameters however it fails to adequately check the
sanity of the integer argument. Because of the failure to check for
negative values and because it sums
Raymond Hettinger [EMAIL PROTECTED] added the comment:
-1 I don't think this is worth the semantic change. The current
approach doesn't require special cases for different dict sizes. The
code/time savings is very small (seven bytes of opcodes per item get
condensed by only one byte and
New submission from Justin Ferguson [EMAIL PROTECTED]:
The PyOS_vsnprintf() contains the caveat that the length parameter
cannot be zero, however this is only enforced via assert() which is
compiled out. As a result if the length parameter is zero then the
function will underflow and write a
Changes by Justin Ferguson [EMAIL PROTECTED]:
--
components: +Interpreter Core -Distutils
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2588
__
___
Python-bugs-list
New submission from Justin Ferguson [EMAIL PROTECTED]:
On architectures that do not have a vsnprintf() in their standard
library Python attempts to emulate it. When doing so, the implementation
ambitiously allocates more memory than requested without verifying the
sanity of the summed value. As
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
I wonder why do you suspect a numeric overflow.
It may very well be that the system needs more time to become
responsive, when the script is run by Idle.
Idle actually spawns another python process to execute commands.
then the cmd
New submission from Justin Ferguson [EMAIL PROTECTED]:
The S_unpack_from() function in Modules/_struct.c does not adequately
validate its arguments, potentially causing an out-of-bounds read
access. It should be noted that the check at line 1561 is inadequate for
obscene values of offset.
Nick Coghlan [EMAIL PROTECTED] added the comment:
I spent an enlightening evening browsing through the source code for
weakref.proxy. The way that code works is to define every slot,
delegating to the proxied object to handle each call (wrapping and
unwrapping the proxied object as needed).
New submission from Justin Ferguson [EMAIL PROTECTED]:
I don't think any of these SGI modules even get used, but they're really
buggy-- you guys might want to consider just dropping them all together.
When printing errors larger than 128 bytes a stack based overflow occurs.
44 static void
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
This is done already:
the second line in PyString_FromStringAndSize() is
assert(size=0);
You have to build python in debug mode though...
Oh, I realize this is not a real patch: no error is raised, and why
New submission from Nick Coghlan [EMAIL PROTECTED]:
From the discussion of issue 643841:
class Demo:
... def __index__(self):
... return 1
...
a = Demo()
b = weakref.proxy(a)
operator.index(a)
1
operator.index(b)
Traceback (most recent call last):
File stdin, line 1, in module
New submission from Justin Ferguson [EMAIL PROTECTED]:
Please see bug 2591 for a suggestion on what to do with these SGI modules.
(sorry I don't have any pocs/repros I dont have an sgi box handy atm)
Integer overflow/invalid allocation at 768, write to memory at 773
716 static PyObject *
717
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
I think that programming errors against the python API are best checked
with asserts: I develop in development mode (with asserts enabled), then
I want my released program to run at full speed.
Other thoughts?
--
nosy:
Justin Ferguson [EMAIL PROTECTED] added the comment:
The problem with assert()'s is they require debugging to be enabled,
obviously, who compiles it that way?
You may not even want to worry about the second check, when you pass it
into the allocator it gets converted to an unsigned int which
Justin Ferguson [EMAIL PROTECTED] added the comment:
I can generally agree with that, and I admit I haven't verified all of
the code paths here- theres several hundred of them leading into this
function, are you positive all of them are safe? (seems like it would be
easier to just move the check
Justin Ferguson [EMAIL PROTECTED] added the comment:
Adding a poc from 2586 to demonstrate my point, this causes a call to
the allocator requesting zero bytes.
Added file:
http://bugs.python.org/file9985/python-2.5.2-zlib-unflush-misallocation.py
__
Tracker
New submission from Justin Ferguson [EMAIL PROTECTED]:
You guys should probably just remove the SGI modules, the code looks
like it hasn't been touched in some time and hasn't gone through the
same security checks as other pieces of code. Sorry I have no
repro's/pocs, I don't have an irix box
Marc-Andre Lemburg [EMAIL PROTECTED] added the comment:
You can't change the codec - it's being used in other places as well,
e.g. for use cases where you need to have a 7-bit encoded readable
version of a Unicode object.
Adding a new codec would be fine, though I don't know how this would map
Nick Coghlan [EMAIL PROTECTED] added the comment:
Marking as easy - it should be possible to just look at what the code in
Objects\weakref.c is already doing for slots like tp_len and tp_int and
do the same thing for tp_index.
--
keywords: +easy
__
Justin Ferguson [EMAIL PROTECTED] added the comment:
Just so you know, the scripts actually do two different things-- the
bugs are both related to negative values though. One causes
PyString_FromStringAndSize() to try an allocate zero bytes (the -24
one), the other causes like 22 bytes to get
Tim Wilcoxson [EMAIL PROTECTED] added the comment:
msg65177, i did try to close cmd. thats why it closed. i wasnt clear
enough. my apologies. it merely lags in command line in gives a memory
error. in IDLE, it wont respond, and it gives a logon process erorr in
windows if you try to view the
Nick Coghlan [EMAIL PROTECTED] added the comment:
Georg Brandl applied Santiago's patch in rev. 54329, 54330
--
resolution: - fixed
status: open - closed
_
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue1536059
New submission from Justin Ferguson [EMAIL PROTECTED]:
The imgfile module contains multiple integer overflows, this module is
only used on SGI boxes and is likely mostly unused and thus is fairly
low priority imho-- no repros, no poc, no sgi box :/
I'm only going to post one to give you the
Nick Coghlan [EMAIL PROTECTED] added the comment:
As of 2.5.1, a missing trailing newline no longer causes a Syntax Error,
making the second part of the caveat in the documentation unnecessary.
Changing to a documentation bug applicable to 2.5+.
--
assignee: - georg.brandl
components:
Justin Ferguson [EMAIL PROTECTED] added the comment:
I'm not going to file a different bug for rgbimgmodule.c, it has the
same types of issues.
Sorry, I don't mean to drop a ton of bugs, I'm prepping up to do a talk
on attacking the metadata in scripting languages (i.e. the python call
stack
Justin Ferguson [EMAIL PROTECTED] added the comment:
As an addemdum, consider the following code (theres no assert, but it
wouldnt have helped you outside of debug builds anyways):
488 static PyObject *PySSL_SSLread(PySSLObject *self, PyObject *args)
489 {
490 PyObject *buf;
491
Nick Coghlan [EMAIL PROTECTED] added the comment:
I think the lowered priority got lost somewhere along the line.
--
priority: normal - low
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue992389
Facundo Batista [EMAIL PROTECTED] added the comment:
Daniel, Aren, please submit also what Daniel described, and I'll take a
look and push it forward.
Regards,
--
nosy: +facundobatista
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2576
Richard King [EMAIL PROTECTED] added the comment:
(this is really 2 mails because my home email address was not registered so
they were rejected at first)
Right - I wasn't too clear. The module stashes stdin, whether from sys
or passed in, in self.stdin. When it reads input it uses a flag
Taavi Repän [EMAIL PROTECTED] added the comment:
I don't that the problem is in tests. For example
import pygtk
import gtk
hangs also. I don't have backtrace for PyGtk hang yet, but it hangs in
ucond state too (like test_capi).
__
Tracker [EMAIL PROTECTED]
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
So let's it interpret this way:
range(1, 3) consumes more and more memory, and causes the system
to hang.
When python.exe is in a console, you have the ability to close the
window and kill the process.
When using Idle, the
Daniel Diniz [EMAIL PROTECTED] added the comment:
This is what I found doing some timings:
For the short-circuit path, the regexp can make quote 10x as fast in
exceptional cases, even comparing to the faster version in trunk. The
average win for short-circuit seems to be twice as fast as the
New submission from Collin Winter [EMAIL PROTECTED]:
2to3 should be able to translate the code snippet below successfully.
First guess: generalizing fix_dict's notion of special contexts would do
the trick.
import random
numbers = range(1, 50)
chosen = []
while len(chosen) 6:
number =
Tim Wilcoxson [EMAIL PROTECTED] added the comment:
not a nick aye? lol. I am new cant you tell.
And when i ran the script nothing could be closed. And, yes, I realize
it could be a memory exhaustion issue with windows. windows is notorious
for crappy resource handling. However, my concern came
New submission from Bruce Frederiksen [EMAIL PROTECTED]:
this is not reported in 2.6a1.
--
components: Interpreter Core
messages: 65207
nosy: dangyogi
severity: normal
status: open
title: python2.6 -3 should report list.sort(cmp) as DeprecationWarning
type: feature request
versions:
Raymond Hettinger [EMAIL PROTECTED] added the comment:
Already done in 2.6a2
--
nosy: +rhettinger
resolution: - out of date
status: open - closed
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2597
__
New submission from Bruce Frederiksen [EMAIL PROTECTED]:
Format strings are documented to only allow identifiers or integers as
the field_name, but allow almost anything.
Python 3.0a3
--
components: Interpreter Core
messages: 65209
nosy: dangyogi
severity: normal
status: open
title: {
New submission from Bruce Frederiksen [EMAIL PROTECTED]:
Being forced to number the arguments when using positional arguments in
a format string is difficult to maintain. Adding an argument to the
format string either requires renumbering all subsequent arguments, or
using an out of sequence
Changes by Marc-Andre Lemburg [EMAIL PROTECTED]:
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2541
__
___
Python-bugs-list mailing list
Unsubscribe:
Marc-Andre Lemburg [EMAIL PROTECTED] added the comment:
You can't change the codec - it's being used in other places as well,
e.g. for use cases where you need to have an 8-bit encoded readable
version of a Unicode object (which happens to be Latin-1 + Unicode
escapes for all non-Latin-1
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
Isn't unicode-escape enough for this purpose?
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2541
__
___
Martin v. Löwis [EMAIL PROTECTED] added the comment:
But write_pkg_file will use ascii encoding if we don't indicate it
here:
pkg_info.write('Author: %s\n' % self.get_contact() )
Why do you say that it uses ascii? It uses whatever encoding the string
returned by get_contact uses. See the
Changes by djc [EMAIL PROTECTED]:
--
nosy: +georg.brandl -birkenfeld
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2585
__
___
Python-bugs-list mailing list
Tarek Ziadé [EMAIL PROTECTED] added the comment:
pkg_info.write('Author: %s\n' % self.get_contact() )
Why do you say that it uses ascii? It uses whatever encoding the string
returned by get_contact uses. See the attached P1-1.0.tar.gz for an
example. This doesn't use ASCII, and doesn't use
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
In any case, I reproduce the problem on Windows too.
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2564
__
___
New submission from Pau Aliagas [EMAIL PROTECTED]:
I wanted to use urllib2 with something as usual as binding to a given
network interface and it was incredibly complex. I also did not like the
usual propodes solution to timeout the connections: set the global
socket timeour. I needed a
Changes by Alexander Belopolsky [EMAIL PROTECTED]:
--
title: PyString_FromStringAndSize() to be considered unsane -
PyString_FromStringAndSize() to be considered unsafe
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2587
Benjamin Peterson [EMAIL PROTECTED] added the comment:
Attaching an updated patch from a review Mark Summerfield.
Added file: http://bugs.python.org/file9989/io_doc3.patch
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2530
Mark Hammond [EMAIL PROTECTED] added the comment:
Note that we are actually using the linker to *generate* the manifest
(something linkers pre VC2005 couldn't do), so if we could tell the
linker to skip that manifest generation and embed it directly in the
DLL, it would certainly be easier.
New submission from Matthias Klose [EMAIL PROTECTED]:
r61009 on the 2.5 branch
- Bug #1389051, 1092502: fix excessively large memory allocations when
calling .read() on a socket object wrapped with makefile().
causes a regression compared to 2.4.5 and 2.5.2:
When reading from urllib2
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
Committed r62229. Please file a separate issue for the gtk module, it's
really another thing.
--
resolution: - fixed
status: open - closed
__
Tracker [EMAIL PROTECTED]
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
Committed r62231: remove _types module.
I did not add CellType though, because of discussion in #1605.
--
resolution: - accepted
status: open - closed
__
Tracker [EMAIL PROTECTED]
Collin Winter [EMAIL PROTECTED] added the comment:
Fixed in r62232. Verified that the sample code below runs successfully
under Python 3.0a4+ (r62209) after being run through 2to3.
--
resolution: - fixed
status: open - closed
title: 2to3's fix_range needs fix_dict's context information
Marc-Andre Lemburg [EMAIL PROTECTED] added the comment:
What do you mean with enough ?
The raw-unicode-escape codec is used in Python 2.x to convert literal
strings of the form ur to Unicode objects. It's a variant of the
unicode-escape codec.
The codec is also being used in cPickle, pickle,
Trent Nelson [EMAIL PROTECTED] added the comment:
Committed updates to relevant network-oriented tests, as well as
test_support changes discussed, in r62234.
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2550
__
Amaury Forgeot d'Arc [EMAIL PROTECTED] added the comment:
I mean: now that raw strings cannot represent all unicode points (or
more precisely, they need the file encoding to do so), is there a use
case for raw-unicode-escape that cannot be filled by the
unicode-escape codec?
Note that pickle
Alexander Belopolsky [EMAIL PROTECTED] added the comment:
As long as snprintf is used with a fixed size buffer using an idiom
snprintf(buffer, sizeof(buffer), ..)
there is no issue because sizeof(buffer) cannot be zero. AFAICT, this
is how python uses PyOS_vsnprintf wrapper.
On the other
Justin Ferguson [EMAIL PROTECTED] added the comment:
I do agree with your point about snprintf(..., sizeof(x), ...)-- my
single biggest point (and maybe i'm just not seeing it), is that there
appears to be no good reason for having this caveat and in turn its
essentially just code waiting to
Alexander Belopolsky [EMAIL PROTECTED] added the comment:
On Tue, Apr 8, 2008 at 9:21 PM, Justin Ferguson [EMAIL PROTECTED] wrote:
..
While no one seems to ever use it this way, don't forget that a good
alternative to asprintf() is calling sprintf() with a length of zero to
get the
Alexander Belopolsky [EMAIL PROTECTED] added the comment:
This has just been fixed in the trunk: r62235.
--
nosy: +belopolsky
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2586
__
Raymond Hettinger [EMAIL PROTECTED] added the comment:
Thx
--
resolution: - fixed
status: open - closed
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2586
__
___
Changes by Collin Winter [EMAIL PROTECTED]:
--
priority: - normal
__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2454
__
___
Python-bugs-list mailing list
Nick Coghlan [EMAIL PROTECTED] added the comment:
Using relative imports within smtplib wouldn't have made any difference
in this case. Your dummy email package was the first one encountered on
sys.path, so the import email.smtplib line (which does an import
email internally as the first step in
Daniel Diniz [EMAIL PROTECTED] added the comment:
The code patch is trivial, he said, only to find out it was not :)
Facundo, thanks in advance for taking a look at this!
This patch tries to implement, document and test an optional argument to
HTTPConnection, which passes it to HTTPResponse.
86 matches
Mail list logo