[issue25942] subprocess.call SIGKILLs too liberally

New submission from Mike Pomraning: Python 3.3 introduces timeout support in subprocess.call, implemented by sending a SIGKILL if the Popen.wait is interrupted by a TimeoutExpired exception. However, the "except" clause is too broad, and will, for instance, trigger on a KeyboardInterrupt.

[issue25943] Integer overflow in _bsddb leads to heap corruption

New submission from Ned Williamson: In function `_db_associateCallback` of the `_bsddb` module, associating two databases with a callback that returns a sufficiently large list will lead to heap corruption due an integer overflow on 32-bit Python. >From `_bsddb.c`: ``` else if

[issue25945] Type confusion in partial_setstate and partial_call leads to memory corruption

New submission from Ned Williamson: static PyObject * partial_setstate(partialobject *pto, PyObject *state) { PyObject *fn, *fnargs, *kw, *dict; if (!PyArg_ParseTuple(state, "", , , , )) return NULL; Py_XDECREF(pto->fn);

[issue25945] Type confusion in partial_setstate and partial_call leads to memory corruption

Changes by Ned Williamson : -- components: +Library (Lib) ___ Python tracker ___ ___

[issue25946] configure should pick /usr/bin/g++ automatically if present

New submission from Karl Richter: `./configure` both prints `checking for g++... no` and WARNING: By default, distutils will build C++ extension modules with "g++". If this is not intended, then set CXX on the configure command line. if `/usr/bin/g++` is present and

[issue25939] _ssl.enum_certificates() fails with ERROR_ACCESS_DENIED if python.exe run with low integrity level

Chi Hsuan Yen added the comment: PsExec.exe seems not redistributable. PAExec is an alternative but I've not tried it. [1] Another option is re-implementing a tiny program for lowering the integrity level based on example codes provided in [2], which I've not tried yet, either. The latter

[issue25944] Type confusion in partial_setstate and partial_repr leads to control flow hijack

New submission from Ned Williamson: static PyObject * partial_setstate(partialobject *pto, PyObject *state) { PyObject *fn, *fnargs, *kw, *dict; if (!PyArg_ParseTuple(state, "", , , , )) return NULL; Py_XDECREF(pto->fn);

[issue25941] Add 'How to Review a Patch' section to devguide

Changes by Terry J. Reedy : -- nosy: +terry.reedy ___ Python tracker ___ ___

[issue25939] _ssl.enum_certificates() fails with ERROR_ACCESS_DENIED if python.exe run with low integrity level

Steve Dower added the comment: Looks good to me. Is it worth dropping psexec.exe into the test suite so we can add a test for this (or maybe into tools so we can run it from a build without redistributing the exe)? It'll probably be helpful elsewhere too (symlink tests, for example).

[issue25939] _ssl.enum_certificates() fails with ERROR_ACCESS_DENIED if python.exe run with low integrity level

Eryk Sun added the comment: psexec.exe can be run from the the live server. >>> subprocess.call(r'\\live.sysinternals.com\tools\psexec.exe -s whoami') PsExec v2.11 - Execute processes remotely Copyright (C) 2001-2014 Mark Russinovich Sysinternals - www.sysinternals.com nt

[issue25945] Type confusion in partial_setstate and partial_call leads to memory corruption

Changes by Serhiy Storchaka : -- assignee: -> serhiy.storchaka components: +Extension Modules -Library (Lib) nosy: +ncoghlan, rhettinger, serhiy.storchaka stage: -> needs patch versions: +Python 2.7 ___ Python tracker

[issue25941] Add 'How to Review a Patch' section to devguide

New submission from Camilla Montonen: This list is based on helpful tips and discussions received on the core-mentorship list and aims to help new beginners review patches in the bug tracker. The submitted patch is still in progress (the layout is a bit wonky and some details are still

[issue25939] _ssl.enum_certificates() fails with ERROR_ACCESS_DENIED if python.exe run with low integrity level

Chi Hsuan Yen added the comment: OK I've just succeeded in creating a low integrity level process with my own codes. Now the problem is: how can I integrate this tool into the test system? Seems the integrity level is per-process, while all tests are run in the same process. -- Added

[issue25939] _ssl.enum_certificates() fails with ERROR_ACCESS_DENIED if python.exe run with low integrity level

New submission from Chi Hsuan Yen: Originally reported at https://github.com/rg3/youtube-dl/issues/7951 Steps to reproduce: 1. Build 99665:dcf9e9ae5393 with Visual Studio 2015 2. Download and extract PsTools [1] 3. PsExec.exe -l python.exe 4. In Python, run: import _ssl

[issue25940] SSL tests failed due to expired svn.python.org SSL certificate

New submission from Chi Hsuan Yen: The certificate of svn.python.org expires at Thu 24 Dec 2015 08:28:32 PM CST GMT, about 20 minutes ago. Please update its certificate or lots of tests in Lib\test\test_ssl.py fails with SSL: CERTIFICATE_VERIFY_FAILED. -- components: Tests messages:

[issue12484] The Py_InitModule functions no longer exist, but remain in the docs

Anish Shah added the comment: @brett.cannon Thanks! I have updated the patch. I removed "_PyImport_FixupExtension" from docs. -- Added file: http://bugs.python.org/file41404/issue12484.patch ___ Python tracker

[issue20440] Use the Py_SETREF macro

Roundup Robot added the comment: New changeset 23296440b654 by Serhiy Storchaka in branch '2.7': Issue #20440: Massive replacing unsafe attribute setting code with special https://hg.python.org/cpython/rev/23296440b654 New changeset fd36d72f6030 by Serhiy Storchaka in branch '3.5': Issue

[issue20440] Use the Py_SETREF macro

Serhiy Storchaka added the comment: Committed patches were generated with attached Coccinelle script. -- Added file: http://bugs.python.org/file41401/py_setref.cocci ___ Python tracker

[issue20440] Use the Py_SETREF macro

Serhiy Storchaka added the comment: Following patch is manually crafted and covers the rest cases. It also replaces existing correct attribute replacing using a temporary variable with more compact call of the macro. -- Added file:

[issue25933] Unhandled exception (TypeError) with ftplib in function retrbinary/retrlines causes inoperable behavior without crashing

SilentGhost added the comment: OK, here is the patch with the test that I think is exercising the issue. -- keywords: +needs review, patch stage: -> patch review Added file: http://bugs.python.org/file41403/issue25933.diff ___ Python tracker

[issue24103] Use after free in xmlparser_setevents (1)

Roundup Robot added the comment: New changeset deda5b5160d2 by Serhiy Storchaka in branch '2.7': Issue #24103: Fixed possible use after free in ElementTree.iterparse(). https://hg.python.org/cpython/rev/deda5b5160d2 New changeset ed62cf0cf256 by Serhiy Storchaka in branch '3.5': Issue #24103:

[issue24103] Use after free in xmlparser_setevents (1)

Changes by Serhiy Storchaka : -- dependencies: -Use the Py_SETREF macro resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker