[issue25481] PermissionError in subprocess.check_output() when an inaccessible directory on the path

Eryk Sun added the comment: > So, two interesting questions: does this in fact match the behavior of > os._execvpe, and does it match the behavior of the shell? I think it's fine. child_exec() tries all paths. It saves the first error that's not ENOENT or ENOTDIR. The saved error gets

[issue43478] Disallow Mock spec arguments from being Mocks

Change by Karthikeyan Singaravelan : -- nosy: +xtreak ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue2528] Change os.access to check ACLs under Windows

Eryk Sun added the comment: With increasing use of os.access() in shutil and tempfile, it would be nice to have a real implementation of os.access() for Windows. Instead of manually evaluating the security of the file/directory, as issue2528.2.patch attempts to do, I'd rather just open the

[issue43423] Subprocess IndexError possible in _communicate

miss-islington added the comment: New changeset ad83fde75463dad2df878ff264f52436eb48bc6b by Miss Islington (bot) in branch '3.9': bpo-43423 Fix IndexError in subprocess _communicate function (GH-24777) https://github.com/python/cpython/commit/ad83fde75463dad2df878ff264f52436eb48bc6b

[issue43478] Disallow Mock spec arguments from being Mocks

New submission from Matthew Suozzo : An unfortunately common pattern over large codebases of Python tests is for spec'd Mock instances to be provided with Mock objects as their specs. This gives the false sense that a spec constraint is being applied when, in fact, nothing will be

[issue43423] Subprocess IndexError possible in _communicate

miss-islington added the comment: New changeset 1a5001c606b55226c03fa1046aa8f5e1db2fa67d by Miss Islington (bot) in branch '3.8': bpo-43423 Fix IndexError in subprocess _communicate function (GH-24777) https://github.com/python/cpython/commit/1a5001c606b55226c03fa1046aa8f5e1db2fa67d

[issue43423] Subprocess IndexError possible in _communicate

Change by miss-islington : -- pull_requests: +23596 pull_request: https://github.com/python/cpython/pull/24831 ___ Python tracker ___

[issue43423] Subprocess IndexError possible in _communicate

Change by miss-islington : -- pull_requests: +23595 pull_request: https://github.com/python/cpython/pull/24830 ___ Python tracker ___

[issue43423] Subprocess IndexError possible in _communicate

Change by miss-islington : -- pull_requests: +23594 pull_request: https://github.com/python/cpython/pull/24823 ___ Python tracker ___

[issue43477] from x import * behavior inconsistent between module types.

New submission from Thomas : I'm looking for clarification as to how `from x import *` should operate when importing file/directory-based modules versus when importing a sub-module from within a directory-based module. While looking into a somewhat related issue with pylint, I noticed that

[issue43471] Fails to import bz2 on Ubuntu

Change by Eric V. Smith : -- status: open -> pending ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43267] [sqlite3] Redundant type checks in pysqlite_statement_bind_parameter()

Erlend Egeberg Aasland added the comment: $ python -m pyperf compare_to -G main.json patched.json Faster (1): - bind: 63.6 us +- 1.2 us -> 61.8 us +- 0.9 us: 1.03x faster $ git diff --shortstat master 1 file changed, 41 insertions(+), 74 deletions(-) -- keywords: +patch Added file:

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

Saiyang Gou added the comment: There is a minor issue here. For gc.get_referrers and gc.get_referents, probably the format code for PySys_Audit should be "(O)" instead of "O". Typically the tuple `args` passed to the hook functions are fixed-length as described in the audit events table.

[issue43132] Incorrect handling of PyObject_RichCompareBool() in the _zoneinfo module

Change by Zackery Spytz : -- pull_requests: +23593 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/24829 ___ Python tracker ___

[issue43356] PyErr_SetInterrupt should have an equivalent that takes a signal number

Change by Antoine Pitrou : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue43356] PyErr_SetInterrupt should have an equivalent that takes a signal number

Antoine Pitrou added the comment: New changeset ba251c2ae6654bfc8abd9d886b219698ad34ac3c by Antoine Pitrou in branch 'master': bpo-43356: Allow passing a signal number to interrupt_main() (GH-24755) https://github.com/python/cpython/commit/ba251c2ae6654bfc8abd9d886b219698ad34ac3c

[issue40255] Fixing Copy on Writes from reference counting

Eric Snow added the comment: Note that my PR does make the builtin types immortal (at least those initialized in _PyTypes_Init()). However, I did not make the singletons or other candidate objects immortal in the PR. That can be done separately. --

[issue40255] Fixing Copy on Writes from reference counting

Eric Snow added the comment: FYI, I've just put up a similar PR [1] to Eddie's, with a focus on object immortality rather than immutability. However, if Py_IMMORTAL_CONST_REFCOUNTS is defined then it should have the behavior Eddie is after. [1] https://github.com/python/cpython/pull/24828

[issue40255] Fixing Copy on Writes from reference counting

Change by Eric Snow : -- nosy: +eric.snow nosy_count: 15.0 -> 16.0 pull_requests: +23592 pull_request: https://github.com/python/cpython/pull/24828 ___ Python tracker ___

[issue43476] Enabling access to showsyntaxerror for IDLE's shell

New submission from Andre Roberge : As a result of https://bugs.python.org/issue43008, IDLE now supports custom exception hook for almost all cases except for code entered in the interactive shell that result in SyntaxError. It would be useful for some applications if a way to replace the

[issue43353] Document that logging.getLevelName() can return a numeric value.

Mariusz Felisiak added the comment: I've prepared PRs with backports. -- ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue43353] Document that logging.getLevelName() can return a numeric value.

Change by Mariusz Felisiak : -- pull_requests: +23591 pull_request: https://github.com/python/cpython/pull/24826 ___ Python tracker ___

[issue43353] Document that logging.getLevelName() can return a numeric value.

Change by Mariusz Felisiak : -- pull_requests: +23590 pull_request: https://github.com/python/cpython/pull/24825 ___ Python tracker ___

[issue43475] Worst-case behaviour of hash collision with float NaN

Mark Dickinson added the comment: > I also wonder if there's security implication for servers that process > user-submitted input Yes, the "malicious actor" scenario is another one to consider. But unlike the string hashing attack, I'm not seeing a realistic way for the nan hash collisions

[issue43423] Subprocess IndexError possible in _communicate

Gregory P. Smith added the comment: The bug is fixed, Thanks Chris! There was a refactoring noted as being nice in my comments on the primary main branch PR that would be nice to have. But isn't critical. If you want to make a PR for that, just reuse this bpo-43423 issue number on the PR

[issue43423] Subprocess IndexError possible in _communicate

Change by miss-islington : -- nosy: +miss-islington nosy_count: 7.0 -> 8.0 pull_requests: +23589 pull_request: https://github.com/python/cpython/pull/24824 ___ Python tracker

[issue43423] Subprocess IndexError possible in _communicate

Gregory P. Smith added the comment: New changeset b4fc44bb2d209182390b4f9fdf074a46b0165a2f by Chris Griffith in branch 'master': bpo-43423 Fix IndexError in subprocess _communicate function (GH-24777) https://github.com/python/cpython/commit/b4fc44bb2d209182390b4f9fdf074a46b0165a2f

[issue43475] Worst-case behaviour of hash collision with float NaN

Cong Ma added the comment: Sorry, please ignore my rambling about "float() returning aliased object" -- in that case the problem with hashing doesn't arise. -- ___ Python tracker

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

Ned Deily added the comment: [Updated response] I'm sorry you ran into this but, unfortunately, Python 3.6 is in its security-fix-only phase of its life cycles and, as such, we do not provide support on them for new OS versions. Please see the detailed response to Issue43393 for more

[issue43438] [doc] sys.addaudithook() documentation should be more explicit on its limitations

Saiyang Gou added the comment: > Please also keep in mind that sys.addaudithook() does **not** add a global > hook. The function adds a per-interpreter hook. Yes, I'm aware of this. And this should be better documented. When I was playing around with audit hooks and reading the source code,

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

Change by Ned Deily : -- Removed message: https://bugs.python.org/msg388515 ___ Python tracker ___ ___ Python-bugs-list mailing

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

Change by Ned Deily : -- superseder: Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3 -> Older Python builds are missing a required file on Big Sur ___ Python tracker

[issue43469] Python 3.6 fails to run on MacOS (Big Sur 11.2.3)

Ned Deily added the comment: I'm sorry you ran into this but, unfortunately, the binaries from Python.org macOS installers prior to 3.7 do not work on macOS 11 Big Sur. Since Python 3.6 and 3.7 are in the security-fix-only phase of the life cycles, we do not provide support on them for new

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

Ned Deily added the comment: I'm sorry you ran into this but, unfortunately, the binaries from Python.org macOS installers prior to 3.7 do not work on macOS 11 Big Sur. Since Python 3.6 and 3.7 are in the security-fix-only phase of the life cycles, we do not provide support on them for new

[issue43475] Worst-case behaviour of hash collision with float NaN

Cong Ma added the comment: Thank you @mark.dickinson for the detailed analysis. In addition to your hypothetical usage examples, I am also trying to understand the implications for user code. If judging by the issues people open on GitHub like this:

[issue43475] Worst-case behaviour of hash collision with float NaN

Mark Dickinson added the comment: On third thoughts, of course it *would* help, because the Counter is keeping references to the realised NaN values. I think I'll go away now and come back when my brain is working. -- ___ Python tracker

[issue43475] Worst-case behaviour of hash collision with float NaN

Mark Dickinson added the comment: Hmm. On second thoughts, the proposed solution wouldn't actually *help* with the situation I gave: the elements (lazily) realised from the NumPy array are highly likely to all end up with the same address in RAM. :-( >>> x = np.full(10, np.nan) >>> for v in

[issue43475] Worst-case behaviour of hash collision with float NaN

Mark Dickinson added the comment: Sigh. When I'm undisputed ruler of the multiverse, I'm going to make "NaN == NaN" return True, IEEE 754 be damned. NaN != NaN is fine(ish) at the level of numerics; the problems start when the consequences of that choice leak into the other parts of the

[issue17519] unittest should not try to run abstract classes

Nathaniel Manista added the comment: In the years since this was considered and declined, I wonder if the facts have changed sufficiently to make it now worth doing? I often find myself writing TestCases for interfaces, and those define test_* methods that call the interface under test, but

[issue43312] Interface to select preferred "user" or "home" sysconfig scheme for an environment

Change by Piotr Dobrogost : -- nosy: +piotr.dobrogost ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43475] Worst-case behaviour of hash collision with float NaN

Change by Mark Dickinson : -- nosy: +mark.dickinson ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43181] Python macros don’t shield arguments

STINNER Victor added the comment: > Yet... the first argument is still unshielded, passed to a macro that expects > one single macro argument. Are you talking about the current code in the master branch or the 3.9 branch? If you are talking about the _PyObject_CAST(ob) call, would you mind

[issue43475] Worst-case behaviour of hash collision with float NaN

New submission from Cong Ma : Summary: CPython hash all NaN values to 0. This guarantees worst-case behaviour for dict if numerous existing keys are NaN. I think by hashing NaN using the generic object (or "pointer") hash instead, the worst-case situation can be alleviated without changing

[issue43454] [sqlite3] Add support for R*Tree callbacks

Erlend Egeberg Aasland added the comment: Unfortunately, there's no way to detect R*Tree support in sqlite3.h. We could run a script that dumps the compile options, and generate a config.h file from that: $ for L in $(sqlite3 ":memory:" "pragma compile_options"); do echo #define SQLITE_$L

[issue43452] Microoptimize PyType_Lookup for cache hits

STINNER Victor added the comment: > Geometric mean: 1.04x faster Hey, it's good to see my new pyperf feature being used :-D IMO it helps to more easily compare a large set of benchmarks. -- nosy: +vstinner ___ Python tracker

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

Vincent added the comment: ... calculate the coordinates using the canvas.coords function -- ___ Python tracker ___ ___

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

Vincent added the comment: Thank you for your comments. Yes, I would doubt that, too. You would expect to get a bounding box regardless what state the canvas item are in. The only way to fix this (and I'm open to suggestions), is to create a (custom) function that calculate every object

[issue43435] Py_BuildValue("y#".... returns incomplete result

Change by David Wood : Removed file: https://bugs.python.org/file49861/crypt.tar.gz ___ Python tracker ___ ___ Python-bugs-list mailing

[issue37193] Memory leak while running TCP/UDPServer with socketserver.ThreadingMixIn

STINNER Victor added the comment: Thank you for fixing the regression Jason R. Coombs ;-) -- ___ Python tracker ___ ___

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

E. Paine added the comment: This can be easily reproduced in Wish (8.6.11): % pack [canvas .c] % .c create rectangle 10 10 90 90 1 % .c bbox 1 9 9 91 91 % .c create rectangle 20 20 80 80 -state hidden 2 % .c bbox 2 % I doubt this is a bug because the docs

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

Pablo Galindo Salgado added the comment: > AFAIK this won't play will with static linking. It should not be any problem as long as we expose the SSL symbols in the dynamic table of the extension (this happens by default). The only nuisance would be that users will still need those shared

[issue43474] http.server.BaseHTTPRequestHandler end_header() fails

grumblor added the comment: perhaps simply returning the method if _headers_buffer isn't defined is better since there is probably nothing to flush. def end_headers(self): if not hasattr(self, '_headers_buffer'): return 1 """Send the blank line ending the

[issue43468] functools.cached_property locking is plain wrong.

Antti Haapala added the comment: Django was going to replace their cached_property by the standard library one https://code.djangoproject.com/ticket/30949 -- ___ Python tracker

[issue43474] http.server.BaseHTTPRequestHandler end_header() fails

New submission from grumblor : Python Version 3.8 http.server version 0.6 This is current install in new xubuntu 20.04 LTS, no idea if this is fixed in other version but appears to be present on github https://github.com/python/cpython/blob/3.9/Lib/http/server.py at line 525

[issue5857] Return namedtuples from tokenize token generator

Sergei Lebedev added the comment: > I strongly prefer that there not be inner named tuples. Hi Raymond, do you still strongly prefer (row, col) to remain unnamed? If so, could you comment on what makes you prefer that apart from (row, col) being more common than (col, row)? Are there any

[issue43441] [Subinterpreters]: global variable next_version_tag cause method cache bug

junyixie added the comment: under building Python with --with-experimental-isolated-subinterpreters -- ___ Python tracker ___ ___

[issue43441] [Subinterpreters]: global variable next_version_tag cause method cache bug

junyixie added the comment: This is a simple fix. https://github.com/python/cpython/pull/24822/commits/e61ce1dd28a48534ee497aaacb4439193bedfd42 -- ___ Python tracker ___

[issue43441] [Subinterpreters]: global variable next_version_tag cause method cache bug

Change by junyixie : -- keywords: +patch pull_requests: +23588 stage: -> patch review pull_request: https://github.com/python/cpython/pull/24822 ___ Python tracker ___

[issue43441] [Subinterpreters]: global variable next_version_tag cause method cache bug

Change by junyixie : -- components: +Subinterpreters -Interpreter Core title: mutilcorevm: global variable next_version_tag cause method cache bug -> [Subinterpreters]: global variable next_version_tag cause method cache bug ___ Python tracker

[issue43473] Junks in difflib

Change by Karthikeyan Singaravelan : -- nosy: +tim.peters ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43334] venv does not install libpython

Hasan added the comment: Can you please provide more information about this behavior? -- nosy: +AliyevH ___ Python tracker ___ ___

[issue40521] [subinterpreters] Make free lists and unicode caches per-interpreter

junyixie added the comment: https://github.com/python/cpython/pull/24821/commits/9d7681dbd273b5025fd9b19d1be0a1f978a0b12e -- ___ Python tracker ___

[issue40521] [subinterpreters] Make free lists and unicode caches per-interpreter

junyixie added the comment: Should Make dtoa bigint free list per-interpreter. static Bigint *bigint_freelist[Kmax+1]; -> _is { Bigint *bigint_freelist[Kmax+1]; } -- message_count: 43.0 -> 44.0 nosy: +JunyiXie nosy_count: 5.0 -> 6.0 pull_requests: +23587 pull_request:

[issue43473] Junks in difflib

New submission from Hubert Bonnisseur-De-La-Bathe : Reading first at the documentation of difflib, I thought that the use of junks would have produced the result s = SequenceMatcher(lambda x : x == " ", "abcd efgh", "abcdefgh") s.get_matching_blocks() >>> [Match(a=0, b=0, size=8)] At a

[issue43438] [doc] sys.addaudithook() documentation should be more explicit on its limitations

Christian Heimes added the comment: Python's dynamic nature makes it hard to implement and reason about audit hooks written in Python. sys.addaudithook() is really only design for testing, debugging, and playing around with auditing. You absolutely have to write a custom interpreter if you

[issue43472] [security][subinterpreters] Add auditing hooks to subinterpreter module

New submission from Christian Heimes : The subinterpreters module does not emit any audit events yet. It's possible to create a subinterpreter and run arbitrary code through run_string(). We should also improve documentation of sys.addaudithook() and explain what 'current interpreter'

[issue42991] support for splitting multichannel audio fragments in audioop module

Ramón Fraterman added the comment: Could someone please have a look at my PR? -- ___ Python tracker ___ ___ Python-bugs-list

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

Change by Karthikeyan Singaravelan : -- components: +macOS nosy: +ned.deily, ronaldoussoren ___ Python tracker ___ ___

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

Christian Heimes added the comment: It's very much the same for OpenSSL 3.0.0: libssl.so and libcrypto.so. $ ldd build/lib.linux-x86_64-3.10/_ssl.cpython-310-x86_64-linux-gnu.so linux-vdso.so.1 (0x7a3cc000) libssl.so.3 =>

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

Petr Viktorin added the comment: There's another part of the new implementation that looks a bit fishy: the `separator` argument now allows multi-character strings, so you can parse 'a=1b=2' with separator=''. Was this intentional? -- ___ Python

[issue43452] Microoptimize PyType_Lookup for cache hits

Inada Naoki added the comment: $ ./python -m pyperf compare_to -G --min-speed=3 master.json pytype.json Slower (1): - unpack_sequence: 62.2 ns +- 0.6 ns -> 66.1 ns +- 0.9 ns: 1.06x slower Faster (29): - nbody: 182 ms +- 1 ms -> 152 ms +- 2 ms: 1.19x faster - regex_effbot: 4.00 ms +- 0.05 ms