New submission from Christian Heimes:
One error path in list.sort() doesn't do proper cleanup. It neither sets an
exception nor resets the internal pointers to its former values. In case of
failed malloc() it leaves the list object in an invalid state.
--
components: Interpreter Core
Changes by Serhiy Storchaka storch...@gmail.com:
--
nosy: +rhettinger
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24038
___
___
Python-bugs-list
Antoine Pitrou added the comment:
I'm not sure what the transitional period refers to, though.
The Python 2 - Python 3 migration.
It's 8 years later now and doesn't look like str(bytes_object) will
go away a source of subtle bugs anytime soon
str(bytes_object) is perfectly reasonable when
Changes by Davin Potts pyt...@discontinuity.net:
--
nosy: +davin
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24033
___
___
Python-bugs-list
Behdad Esfahbod added the comment:
Replacing all control characters by entities before trying to parse the Plist
XML would likely be the best way forward.
That wouldn't work. Control characters are disallowed in XML's character set,
so they are invalid even if input as entities.
Guido van Rossum added the comment:
It would be unacceptable if print(b) were to raise an exception. The reason the
transitional period is long is just that people are still porting Python 2 code.
--
assignee: - gvanrossum
status: pending - closed
New submission from Behdad Esfahbod:
Please replace instances of type({}) in plistlib.py with self._dict_type.
--
components: Library (Lib)
messages: 241875
nosy: Behdad.Esfahbod
priority: normal
severity: normal
status: open
title: plistlib assumes dict_type is descendent of dict
Tal Einat added the comment:
I'm working on a new version of Georg's patch which applies to the current
default branch.
I'm having trouble with AC output going into a separate file, since this
requires a lot of things to be declared before the #include of the .c.h file.
Should I move all of
New submission from Prince:
I tried to search for a keyword in idle with help of search dialog box, it
worked just fine however when I tried to minimize the box it didn't minimize.
All other options like expand and close works as expected.
Steps To Reproduce:
1) open idle
2) press cntrl+f to
Changes by Prince prince0...@gmail.com:
--
type: - behavior
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24039
___
___
Python-bugs-list mailing
Behdad Esfahbod added the comment:
plistlib's internal implementation already supports sort_keys and skipkeys,
those just are not wired to load() and loads().
--
nosy: +Behdad.Esfahbod
___
Python tracker rep...@bugs.python.org
Christopher Gurnee added the comment:
If you have to care about security, you shouldn't use the random module
at all. random.SystemRandom() merely uses a CPRNG as entropy source. But
It also manipulates numbers in ways that may or may not be safe.
I must respectfully disagree with this. The
Serhiy Storchaka added the comment:
In textio.c, the decoder always should return bytes, not arbitrary read-only
buffer (this is required in other parts of the code). So y# can be replaced
with O with PyBytes_GET_SIZE.
--
keywords: +patch
Added file:
Serhiy Storchaka added the comment:
You only need include generated file before defining PyMethodDef arrays and
PyTypeObject instances. There shouldn't be problems if only one class is
defined in a file, otherwise you can move these static initializations together
to the end of the file.
Serhiy Storchaka added the comment:
I consider this as transitional style, for simpler converting to Argument
Clinic without changing the behaviour. In future it can be replaced with bool.
But the bool converter has a downside. It is harder to extend it. We can't add
a support of say a tuple,
New submission from Behdad Esfahbod:
encodings.aliases has this in it's tail, even master today [0]
# temporary mac CJK aliases, will be replaced by proper codecs in 3.1
'x_mac_japanese' : 'shift_jis',
'x_mac_korean': 'euc_kr',
'x_mac_simp_chinese' : 'gb2312',
Changes by Serhiy Storchaka storch...@gmail.com:
--
dependencies: +Convert os._getfullpathname() and os._isdir() to Argument Clinic
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24009
___
New submission from Serhiy Storchaka:
Proposed patch converts os._getfullpathname() and os._isdir() to Argument
Clinic. This simplifies a code and as a sided effect adds a check for embedded
null character in os._getfullpathname(). The patch is not tested and can
contain bugs.
--
Behdad Esfahbod added the comment:
Also, I'm not sure about the 'x_' prefix. It's not kept for the other mac
encodings. There's a useful table here:
https://github.com/behdad/fonttools/issues/236
--
___
Python tracker rep...@bugs.python.org
Larry Hastings added the comment:
Why isn't the patch tested?
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24042
___
___
Python-bugs-list
Alexander Belopolsky added the comment:
I am -1 on the patch. (int)PyLong_AsLong(value) can silently convert non-zero
error code to zero.
I would leave 2.7 as is and limit allowable values to a range supported by
the platform.
Note that ANSI C standard only specifies two values:
Changes by Ned Deily n...@acm.org:
--
nosy: +hyeshik.chang, lemburg
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24041
___
___
Python-bugs-list
Serhiy Storchaka added the comment:
There are _PyInt_AsInt() and _PyLong_AsInt().
--
nosy: +serhiy.storchaka
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue14376
___
Changes by Serhiy Storchaka storch...@gmail.com:
--
keywords: +patch
Added file: http://bugs.python.org/file39187/clinic_os_getfullpathname.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24042
New submission from Behdad Esfahbod:
They are used in OpenType fonts, but not implemented by Python at this time.
Here's are the Unicode mappings for them:
http://unicode.org/Public/MAPPINGS/VENDORS/APPLE/ROMANIAN.TXT
http://unicode.org/Public/MAPPINGS/VENDORS/APPLE/CROATIAN.TXT
Thanks.
Changes by Ned Deily n...@acm.org:
--
nosy: +lemburg, loewis
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24043
___
___
Python-bugs-list mailing
Alexander Belopolsky added the comment:
The key issue here is not to report success for nonzero values.
I consider the following a bug:
$ python3
Python 3.4.2 (default, Oct 30 2014, 08:51:12)
[GCC 4.2.1 Compatible Apple LLVM 6.0 (clang-600.0.54)] on darwin
Type help, copyright, credits or
Ryan Gonzalez added the comment:
Now we're getting away from the original issue. This wasn't created to handle
edge cases for sys.exit; is was created to make it accept long values under
Python 2.
--
nosy: +Ryan.Gonzalez
___
Python tracker
Serhiy Storchaka added the comment:
I have no Windows.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24042
___
___
Python-bugs-list mailing
Larry Hastings added the comment:
I think this is silly.
Python has a well-understood concept of truth:
https://docs.python.org/3/library/stdtypes.html#truth-value-testing
I assert that the reason people used the i format unit for what are really
boolean values is because a) the p format
Serhiy Storchaka added the comment:
The key issue here is not to report success for nonzero values.
This is different issue.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue14376
___
New submission from Benjamin Peterson:
Found by Christian Heimes:
Coverity has found a flaw in Objects/listobject.c:listsort() that
eventually leads to a NULL pointer dereference. Because NULL pointer
dereferences can lead to exploits or DoS vulnerabilities I'm reporting
the error on PSRT
Roundup Robot added the comment:
New changeset 91096d27c802 by Benjamin Peterson in branch '3.2':
properly handle malloc failure (closes #24044)
https://hg.python.org/cpython/rev/91096d27c802
New changeset 0d8f15053f42 by Benjamin Peterson in branch '3.3':
merge 3.2 (#24044)
Mark Lawrence added the comment:
The bug reported in msg225529 has been fixed, but there's another one a few
lines up https://hg.python.org/cpython/file/bd656916586f/PC/launcher.c#l265 as
there's only one % but two parameters. Although IIRC we'd get away with this
the way C works, shouldn't
Changes by Serhiy Storchaka storch...@gmail.com:
--
assignee: - serhiy.storchaka
resolution: - fixed
stage: patch review - resolved
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24007
Alexander Belopolsky added the comment:
errors should not pass silently
The fix makes the problem worse.
Why would anyone want to pass a long integer to exit?
I bet the user who discovered this problem had something like 0L or 1L coming
from a lazily written C extension.
--
Changes by Benjamin Peterson benja...@python.org:
--
versions: -Python 2.7
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24044
___
___
Changes by Benjamin Peterson benja...@python.org:
--
resolution: - duplicate
status: open - closed
superseder: - NULL pointer dereference in listsort() with key function
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24038
Ethan Furman added the comment:
+1 for the fix.
Alexander, create a new issue for the problem of converting non-zero values to
zero.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue14376
Changes by Ethan Furman et...@stoneleaf.us:
--
nosy: +ethan.furman
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue14376
___
___
Python-bugs-list
Roundup Robot added the comment:
New changeset 151cab576cab by Serhiy Storchaka in branch 'default':
Issue #24007: Argument Clinic now writes the format of PyArg_Parse*() at the
https://hg.python.org/cpython/rev/151cab576cab
--
nosy: +python-dev
___
Changes by Serhiy Storchaka storch...@gmail.com:
Removed file:
http://bugs.python.org/file39185/issue24009_textio_decoder_getstate.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24009
___
Changes by Serhiy Storchaka storch...@gmail.com:
Added file:
http://bugs.python.org/file39186/issue24009_textio_decoder_getstate.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24009
___
Ma Lin added the comment:
Today, I investigated these popular programming languages, all are the latest
version.
iconv-1.14 wrong version
php-5.6.8 wrong version (php is using iconv)
ActivePerl-5.20.2wrong version
GoLang-1.4.2 no GB2312, only has
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:
--
nosy: +Arfrever
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24044
___
Tal Einat added the comment:
Here's a new version of Georg's patch which applies to the current default
branch. On my OSX 10.8, CPython compiles fine and all tests pass, though
test_devpoll and test_epoll were skipped.
I haven't made additional changes, so there is still AC-related work to be
eryksun added the comment:
Are you using pyreadline? It's commonly used with IPython. Pyreadline hooks
PyOS_ReadlineFunctionPointer to provide readline functionality in the REPL.
Since it accesses the console input via ReadConsoleInputW events instead of
using ReadConsoleW, it wouldn't
Ethan Furman added the comment:
Linux is not the only O/S that Python runs on.
There should be no difference between int and long.
Possible doc fix being tracked in issue24045.
Gareth, please ignore my comments about adding guards on the return value -- it
is up to the O/S to use or adjust
aixtools added the comment:
Although this is closed - it is not (yet) resolved, really.
ctypes does not compile on AIX 5.3, or AIX 6.1.
Applying the patch posted (https://bugs.python.org/file17098/pyffi.patch) does
get rid of most of the problems. However, to completely fix it I also copied
Behdad Esfahbod added the comment:
I don't have a valid use-case in mind. I was reading the code and noticed this
discrepancy.
(4) replace the isinstance(self.stack[-1], type({})) with not
isinstance(self.stack[-1], type([])).
--
___
Python
Ryan Gonzalez added the comment:
errors should not pass silently
The fix makes the problem worse.
Why would anyone want to pass a long integer to exit?
I bet the user who discovered this problem had something like 0L or 1L
coming from a lazily written C extension.
Or the person is
Ned Deily added the comment:
Sorry, I don't understand your suggested (4). If someone cares to provide a
suggested patch (with appropriate tests), we could review it. Otherwise, I
would be inclined to close this issue as not an issue. Ronald, any opinion?
--
Behdad Esfahbod added the comment:
The items on the stack are created in two ways: [], and self._dict_type().
Currently the code assumes that self._dict_type() returns an object that passes
isinstance(..., type({})). I suggested the following two ways to improve this
check:
- Replace
Alexander Belopolsky added the comment:
Passing anything other than one of the os.EX_* constants to sys.exit() is a bad
idea. In most cases you can get away with 0 and ±1. Anything beyond 8 bit
signed range is a gamble. Passing a computed integer value is even more
problematic. With the
New submission from Ethan Furman:
Not sure if this is a bug, or just One of Those Things:
sys.exit(large_value) can wrap around if the value is too large, but this is
O/S dependent.
linux (ubuntu 14.04)
$ python
Python 2.7.8 (default, Oct 20 2014, 15:05:29)
[GCC 4.9.1] on linux2
Gregory P. Smith added the comment:
diverging discussion: Go re-read the documentation on os.times(). It is
plural, it isn't just CPU time. (on POSIX os.times()[4] is likely to be the
system uptime in seconds as a float... it cannot be changed like the absolute
clock can, it is a relative
Christie added the comment:
Hey @berker.peksag, I've added a new patch in response to your review!
You should create the patch with hg diff --git to preserve moving. And then
apply it with hg import, not the patch command. Unfortunately Rietveld
don't like patches in git format.
Ick, I'm
Mahmoud Hashemi added the comment:
I would urge you all take a stronger look at usability, rather than parroting
the current state of the design and docs. Python gained renown over the years
for its ability to stay flexible while maturing. Focusing on purity and
ignoring the needs of
Serhiy Storchaka added the comment:
You should create the patch with hg diff --git to preserve moving. And then
apply it with hg import, not the patch command. Unfortunately Rietveld don't
like patches in git format.
--
nosy: +serhiy.storchaka
___
Changes by SilentGhost ghost@gmail.com:
--
components: +Windows
nosy: +paul.moore, steve.dower, tim.golden, zach.ware
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24035
___
Stefan Behnel added the comment:
Adding a patch for the inspect docs that refers to the Right Way To Do It.
--
Added file: http://bugs.python.org/file39179/inspect_docs.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24018
Changes by Stefan Behnel sco...@users.sourceforge.net:
Removed file: http://bugs.python.org/file39179/inspect_docs.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24018
___
Changes by Stefan Behnel sco...@users.sourceforge.net:
Added file: http://bugs.python.org/file39180/inspect_docs.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24018
___
Tim Golden added the comment:
Perhaps unsurprisingly, I can't reproduce this on Python 2.7.9 32-bit running
on Win7 Home Premium.
Python doesn't handle CapsLock/Shift interaction directly: it just gets what it
gets from the underlying OS or framework. So I'm at a loss to know what might
Roundup Robot added the comment:
New changeset 0f9c43fb189d by Christian Heimes in branch '3.4':
Issue #24031: make patchcheck now supports git checkouts, too.
https://hg.python.org/cpython/rev/0f9c43fb189d
New changeset d1b706e57fbe by Christian Heimes in branch 'default':
Issue #24031: make
Christian Heimes added the comment:
Thanks!
--
resolution: - fixed
stage: commit review - resolved
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24031
___
STINNER Victor added the comment:
On POSIX systems using os.times()[4] rather than an absolute time.time(),
This is just wrong. os.times() doesn't use seconds, but an CPU time which is
unrelated. socket.settimeout() uses seconds.
By the way, as I wrote before: using the system clock here may
Larry Hastings added the comment:
It's only used for signatures in builtins. Any possible security hole here is
uninteresting because the evil hacker already got to run arbitrary C code in
the module init.
Because it's only used for signatures in builtins, we shouldn't encounter a
function
Serhiy Storchaka added the comment:
Thanks for your explanation and sorry for the delay Davin. Yes, it makes sense.
--
assignee: davin - serhiy.storchaka
stage: patch review - commit review
___
Python tracker rep...@bugs.python.org
Larry Hastings added the comment:
Cleaned up the patch some more--the code was stupid in a couple places. I
think it's ready to go in.
--
Added file:
http://bugs.python.org/file39181/larry.improved.signature.expressions.3.txt
___
Python tracker
Roundup Robot added the comment:
New changeset 0ac30526c208 by Serhiy Storchaka in branch '2.7':
Issue #23713: Fixed fragility of test_imap_unordered_handle_iterable_exception.
https://hg.python.org/cpython/rev/0ac30526c208
New changeset 0eb5968c15ad by Serhiy Storchaka in branch '3.4':
Issue
Changes by Serhiy Storchaka storch...@gmail.com:
--
resolution: - fixed
stage: commit review - resolved
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue23713
___
Serhiy Storchaka added the comment:
Using complex expressions is deceitful. In Python functions the default value
is evaluated only once, at function creation time, but inspect.signature will
evaluate it every time. For example foo(x={}) and foo(x=dict()) means the same
in function
New submission from Ma Lin:
While I was trying to optimize GB2312/GBK/GB18030-2000 codecs (they are three
encodings that widely used in China), I found there is a bug.
The three encodings, their relation should be: GB2312 ⊂ GBK ⊂ GB18030-2000.
However, in Python's implement: GB2312 ⊄ GBK ⊂
New submission from Serhiy Storchaka:
The 'i' format unit is often used for semantically boolean values. When the
parameter has a default value, in Argument clinic you should specify it twice,
as Python and C values:
closefd: int(c_default=1) = True
or
keepends:
Petr Viktorin added the comment:
ping
Anything I can do to help move this forward?
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue23699
___
___
Cyd Haselton added the comment:
Finally got readline to work with this build, but since the fixes are to the
readline source tree I'm not sure if they should go here.
With that plus whatever fixes to patches I suggested previously, I think this
build works. What would be the next steps for
Ma Lin added the comment:
Since MIDDLE DOT is a common character, this bug is annoying.
Sorry, it's MIDDLE DOT, not DASH.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24036
___
Changes by Serhiy Storchaka storch...@gmail.com:
--
nosy: +lemburg, loewis
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24036
___
___
Tal Einat added the comment:
Note: Despite not appearing in any of these patches, the zlib module seems to
have already been converted.
--
nosy: +taleinat
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20182
Christian Heimes added the comment:
IMO it's not a security issue at all. If you have to care about security, you
shouldn't use the random module at all. random.SystemRandom() merely uses a
CPRNG as entropy source. But It also manipulates numbers in ways that may or
may not be safe.
Only
Ned Deily added the comment:
The documentation does not explicitly state whether or not dict_type values
have to be instances / subclasses of dict. Can you give a code example,
preferably something that could be added to Lib/test/test_plistlib.py, of a use
case for something that is not a
Changes by Serhiy Storchaka storch...@gmail.com:
--
nosy: +David.Edelsohn, alex, christian.heimes, dstufft, giampaolo.rodola,
janssen, pitrou
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue24046
New submission from Elizabeth Myers:
str.startswith and str.endswith should accept multiple arguments when passing
in strings. This makes it easier to check if the first character of a string is
one of a given option, versus this awkward construction:
f = 'abc'
'test'.startswith(tuple(f))
Serhiy Storchaka added the comment:
The committer should be careful, and manually make hg mv and apply the patch
with the patch command, not hg import. We shouldn't lost the history.
--
___
Python tracker rep...@bugs.python.org
New submission from Davis Herring:
import.c's remove_module() is always called with an exception set and can
invoke arbitrary code via deallocation; if that code calls PyErr_Clear() (or is
sensitive to PyErr_Occurred()) it will lose (or be damaged by) the preexisting
exception.
--
Ronald Oussoren added the comment:
The test for type({}) is indeed wrong and should check for self._dict_type
instead. However, there needs to be a test before that change is made.
--
On the road, hence brief.
Op 24 apr. 2015 om 01:40 heeft Ned Deily rep...@bugs.python.org het volgende
Stephen Drake added the comment:
Ok, I can accept that. I think my mistake was to assume that because a
generator has a close() method, I could treat it as a lightweight wrapper for
another closeable object.
But it's better to regard a generator function that wraps an iterable as
something
New submission from aixtools:
Actually, I have been building and using my builds of Python, when needed for
./configure requirements for a long time. In short, it is quite nice that make
completes even when there are missing and/or failed modules.
I have just resolved the problem with ctypes
89 matches
Mail list logo