[issue27660] Replace size_t with Py_ssize_t as the type of local variable in list_resize

Xiang Zhang added the comment: v3 applies haypo's suggestion. -- Added file: http://bugs.python.org/file44192/list_resize_v3.patch ___ Python tracker ___

[issue25825] AIX shared library extension modules installation broken

David Edelsohn added the comment: > This bug was marked for 2.7 as well. Is there anything that needs to be done > for 2.7? It would be great if both patches were applied to 2.7 also. > How does patch 2 make the test_distutils situation worse? Is there anything > that should be done to

[issue25825] AIX shared library extension modules installation broken

Martin Panter added the comment: It looks like the change from plain config to config- was made in Issue 9807 (r86731, 3.2). So the patch seems reasonable to me; it is just catching up with that change. This bug was marked for 2.7 as well. Is there anything that needs to be done for 2.7?

[issue27831] Python 3.4.5 leaks memory when attempting to load non-existent file

New submission from geeknik: While fuzzing Python 3.4.5 with AFL, ASAN and libdislocator, I fat fingered the keyboard ASAN pops up a LeakSanitizer error. Apparently trying to open a non-existent file causes Python 3.4.5 to leak >880KB of memory. ./python: can't open file 'id:000109': [Errno

Raw Data from Website

Hi, I am hoping someone is able to help me. Is there a way to pull as much raw data from a website as possible. The webpage that I am looking for is as follows: http://www.homepriceguide.com.au/Research/ResearchSeeFullList.aspx?LocationType=LGA=QLD=632 The main variable that is important is

Re: Does This Scare You?

On 08/19/2016 06:11 PM, Wildman via Python-list wrote: Since I am fairly new to Python, I realize there is much that I still don't know but I don't understand how Windows can have reserved names on a Linux system. What am I missing? A PureWindowsPath (and PurePosixPath and PurePath) is a

[issue27435] ctypes library loading and AIX - also for 2.7.X (and later)

Martin Panter added the comment: I had understood that changing find_library() would only be useful in combination with the automatic RTDL_MEMBER detection. If you want to mention lack of support for AIX in the documentation, that is okay by me. If you want to propose an alternative

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Roundup Robot added the comment: New changeset 620b2e554be4 by Victor Stinner in branch 'default': Issue #27809: builtin___build_class__() uses fast call https://hg.python.org/cpython/rev/620b2e554be4 -- ___ Python tracker

[issue27830] Add _PyObject_FastCallKeywords(): pass keyword arguments as (key, value) pairs

STINNER Victor added the comment: Here is a first patch: * Add _PyObject_FastCallKeywords(): main entry point * Add _PyCFunction_FastCallKeywords(): implementation for C function, but currently it's just an empty skeleton * Rename fast_function() to PyFunction_FastCallKeywords() and ajust its

[issue27643] test_ctypes fails on AIX with xlc

Martin Panter added the comment: Now I am confused. In we have [Me] If your compiler does not support “signed short” bitfields, maybe we just have to accept that ctypes supports it even though the compiler doesn’t, and skip the test. [Michael]

[issue27824] update ConfigParser docs regarding in-line comments

Joshua Haas added the comment: I'm not sure it's deprecated so much as moved. Python 3.5 includes an additional init parameter, so setting inline_comment_prefixes=';' allows inline comments even for values containing the ';' character, displaying the "expected behavior" described in my

[issue27810] Add METH_FASTCALL: new calling convention for C functions

STINNER Victor added the comment: According to discussions in the issue #27809, require a Python dict leads to inefficient code because a temporary dict may be required. The issue #27830 proposes to pass keyword arguments as (key, value) pairs. It should be used for the new METH_FASTCALL

[issue27830] Add _PyObject_FastCallKeywords(): pass keyword arguments as (key, value) pairs

New submission from STINNER Victor: In the issue #27809, I added support for keyword arguments to the function _PyObject_FastCallDict() (previously called _PyObject_FastCall). Keyword arguments are passed as a Python dictionary (dict). _PyObject_FastCallDict() is efficient when keyword

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Roundup Robot added the comment: New changeset ef0110a52e24 by Victor Stinner in branch 'default': PyEval_CallObjectWithKeywords() uses fast call with kwargs https://hg.python.org/cpython/rev/ef0110a52e24 New changeset 5587d0dfab4c by Victor Stinner in branch 'default': Issue #27809: Use

[issue27809] _PyObject_FastCall(): add support for keyword arguments

STINNER Victor added the comment: Stefan Behnel: "I like the oneArg/noArg etc. macros. We use something similar in Cython." Oh, nice :-) Since they macros are private, I pushed fastcall_macros.patch. We can still rework them later if needed. "You can even use them to inline the METH_O and

[issue27820] Possible bug in smtplib when initial_response_ok=False

Mario Colombo added the comment: Yes, this (or something similar) totally bit me, when for another unrelated reason 'AUTH PLAIN' authentication failed: https://gist.github.com/macolo/bf2811c14d985d013dda0741bfd339e0 Python then tries auth_login, but doesn't send 'AUTH LOGIN' to the mail

Re: saving octet-stream png file

On 2016-08-22, Larry Martell wrote: > On Mon, Aug 22, 2016 at 1:25 PM, Jon Ribbens > wrote: >> On 2016-08-22, Larry Martell wrote: >>> (Pdb) type(request.POST[key]) >>> >>> (Pdb) request.encoding = "iso-8859-1" >>>

Re: saving octet-stream png file

On Mon, Aug 22, 2016 at 1:25 PM, Jon Ribbens wrote: > On 2016-08-22, Larry Martell wrote: >> On Sun, Aug 21, 2016 at 5:24 PM, Jon Ribbens >> wrote: >>> On 2016-08-19, Larry Martell wrote:

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Roundup Robot added the comment: New changeset 1aefb4c4a7b4 by Victor Stinner in branch 'default': _PyFunction_FastCallDict() supports keyword args https://hg.python.org/cpython/rev/1aefb4c4a7b4 New changeset 7924eac912fe by Victor Stinner in branch 'default': Issue #27809: Cleanup

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Roundup Robot added the comment: New changeset 263334a652ac by Victor Stinner in branch 'default': Rename _PyObject_FastCall() to _PyObject_FastCallDict() https://hg.python.org/cpython/rev/263334a652ac -- nosy: +python-dev ___ Python tracker

Re: Dynamically import specific names from a module vs importing full module

On Mon, Aug 22, 2016, at 16:21, Malcolm Greene wrote: > Python 3.5: Is there a way to dynamically import specific names from a > module vs importing the full module? > > By dynamic I mean via some form of importlib machinery, eg. I'm looking > for the dynamic "from import " equivalent of "import

Re: Dynamically import specific names from a module vs importing full module

On Monday, August 22, 2016 at 4:22:09 PM UTC-4, Malcolm Greene wrote: > Python 3.5: Is there a way to dynamically import specific names from a > module vs importing the full module? > > By dynamic I mean via some form of importlib machinery, eg. I'm looking > for the dynamic "from import "

[issue27128] Add _PyObject_FastCall()

STINNER Victor added the comment: Ok, I see much better with concrete commits. I'm really happy that Cython also benefits from these enhancements. Note: handling keywords is likely to change quickly ;-) -- ___ Python tracker

[issue27660] Replace size_t with Py_ssize_t as the type of local variable in list_resize

STINNER Victor added the comment: I reviewed list_resize_v2.patch. -- nosy: +haypo ___ Python tracker ___ ___

Dynamically import specific names from a module vs importing full module

Python 3.5: Is there a way to dynamically import specific names from a module vs importing the full module? By dynamic I mean via some form of importlib machinery, eg. I'm looking for the dynamic "from import " equivalent of "import "'s importlib.import_module. Thank you, Malcolm --

[issue27814] contextlib.suppress: Add whitelist argument

Michael Büsch added the comment: >an implementation of the vastly *less* common pattern: Ok, here are some numbers. My codebase is about 32 kLOC. $ git grep suppressAllExc |wc -l 20 $ git grep contextlib\\.suppress |wc -l 17 (suppressAllExc being my local version to suppress Exception, but

[issue27826] Null-pointer dereference in tuplehash() function

Raymond Hettinger added the comment: Closing as won't fix. It is impractical to make marshal resilient against bytecode hacks and it is likewise impractical to put a NULL pointer check in-front of every dereference in the language. -- resolution: -> wont fix status: open -> closed

Re: saving octet-stream png file

On Mon, 22 Aug 2016 13:21:43 -0400, Larry Martell wrote: > On Fri, Aug 19, 2016 at 4:51 PM, Lawrence D’Oliveiro > wrote: >> On Saturday, August 20, 2016 at 6:03:53 AM UTC+12, Terry Reedy wrote: >>> >>> An 'octet' is a byte of 8 bits. >> >> Is there any other size of byte?

[issue27660] Replace size_t with Py_ssize_t as the type of local variable in list_resize

Raymond Hettinger added the comment: This is low priority. I will look at it during the sprint. As far as I know there is no bug here or performance problem; instead, the patch alters stable code and transfers responsibilities. -- priority: normal -> low

Re: Does This Scare You?

On Mon, 22 Aug 2016 17:27:13 +, Jon Ribbens wrote: > On 2016-08-22, Chris Angelico wrote: >> I tried things like "con.txt" and it simply failed (no such file or >> directory), without printing anything to the console. > > I'm not sure how you got that to fail, but writing

Re: ANN: pygene - genetic algorithms package

On Tuesday, December 6, 2005 at 11:10:56 AM UTC+3:30, aum wrote: > Hi all, > > I looked at a few genetic algorithms/genetic programming packages for > Python, and found them somewhat convoluted, complicated and > counter-intuitive to use. > > So I've written a genetic algorithms package which I

Re: DED processing

On Tue, Aug 23, 2016 at 3:58 AM, Larry Martell wrote: > On Mon, Aug 22, 2016 at 1:52 PM, Gary Sublett wrote: >> I have to go out for a while, so for DED processing two options from >> my end: >> >> 1. Process as you all have been in the past for

[issue27643] test_ctypes fails on AIX with xlc

Changes by Eric N. Vander Weele : Removed file: http://bugs.python.org/file44189/ctypes_test_sign_bitfields.diff ___ Python tracker ___

[issue27643] test_ctypes fails on AIX with xlc

Eric N. Vander Weele added the comment: > I believe that there is a specific reason that M, N, O, P, Q, R and S are "short". [...] Oops - this was an oversight when I created the patch. I just uploaded ctypes_test_sign_bitfields_2.diff, which is what I originally intended. -- Added

[issue27794] setattr a read-only property; the AttributeError should show the attribute that failed

Antti Haapala added the comment: I've got one idea about how to implement this, but it would require adding a new flag field to PyExc_AttributeError type. This flag, if set, would tell that the AttributeError in question was raised in C descriptor code or under similar circumstances, and that

[issue12713] argparse: allow abbreviation of sub commands by users

Vinay Sajip added the comment: Mean culpa - I have jumped the gun on this. Sorry to all for the inconvenience. I have just got back after being away for a few days, and will revert the change shortly, if no one beats me to it. -- ___ Python

[issue12713] argparse: allow abbreviation of sub commands by users

Vinay Sajip added the comment: *Mea culpa. Autocorrect :-( -- ___ Python tracker ___ ___ Python-bugs-list

[issue27643] test_ctypes fails on AIX with xlc

Michael Felt added the comment: On 22-Aug-16 19:43, Eric N. Vander Weele wrote: > Eric N. Vander Weele added the comment: > > I came across this issue while researching where to post my patch (having > come across this while building Python 2.7 & 3.x on AIX via xlc). > >> In general in C, if a

[issue27435] ctypes library loading and AIX - also for 2.7.X (and later)

Michael Felt added the comment: On 22-Aug-16 04:04, Martin Panter wrote: > Martin Panter added the comment: > > The ctypes tests all seem to be protected with code that checks for None, and > explicitly skip the test in that case. The skip message should be visible > when you run the test in

Re: Does This Scare You?

On 2016-08-22, Steve D'Aprano wrote: > I'm not really sure what the question is -- we've established that there's a > bug in the non-Windows implementation that tries to emulate Window's > behaviour. What else is there to argue about? It doesn't seem to be "the

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Stefan Behnel added the comment: I just took a quick look at the fastcall_kwargs-2.patch for now. It looks ok in general, but it also adds quite some special code for the dict-to-locals mapping. Is the keyword argument calling case really that important? I mean, it requires creating a dict

Re: Does This Scare You?

On Tue, 23 Aug 2016 03:13 am, eryk sun wrote: > But if they open files > like "C:\Users\JoeUser\Documents\Nul.20160822.doc", I want to make > sure they know that they just asked to save to "\\.\NUL". It's not a > common problem. I just find the system's behavi

Re: Something wrong with the PIP, lots of friend have the same problem

even though I try to upgrade PIP[cid:beb9e7c5-7d98-4506-ba67-9e67890edec1] From: Wentao Liang Sent: Sunday, 21 August 2016 4:35:31 PM To: python-list@python.org Subject: Something wrong with the PIP, lots of friend have the same problem

[issue27809] _PyObject_FastCall(): add support for keyword arguments

Stefan Behnel added the comment: I like the oneArg/noArg etc. macros. We use something similar in Cython. You can even use them to inline the METH_O and METH_NOARGS call cases (although I use inline functions for that in Cython). -- ___ Python

Re: DED processing

On Mon, Aug 22, 2016 at 1:52 PM, Gary Sublett wrote: > I have to go out for a while, so for DED processing two options from > my end: > > 1. Process as you all have been in the past for now. If you all do > this, the records that have not been mailed prior to the latest

[issue25825] AIX shared library extension modules installation broken

Eric N. Vander Weele added the comment: > Patch1 looks fine to me, though I will have to rely on you people to verify > that it does what it’s supposed to. Do you want me to commit it straight > away, or wait for your follow-up patch? Independently, I have created a similar patch as well and

DED processing

I have to go out for a while, so for DED processing two options from my end: 1. Process as you all have been in the past for now. If you all do this, the records that have not been mailed prior to the latest list are contained in a MailManage Job name DED_master. If you chose to process as in

[issue27128] Add _PyObject_FastCall()

Stefan Behnel added the comment: > What do you mean by "I copied your (no-kwargs) implementation"? I copied what you committed into CPython for _PyFunction_FastCall(): https://github.com/cython/cython/commit/8f3d3bd199a3d7f2a9fdfec0af57145b3ab363ca and then enabled its usage in a couple of

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Tue, Aug 23, 2016 at 3:32 AM, Tim Chase wrote: > On 2016-08-23 02:20, Chris Angelico wrote: >> It generally will (or rather, only if the file has one of a >> particular set of extensions). Automatic thumbnailing is usually >> done only for certain file names. I

[issue27643] test_ctypes fails on AIX with xlc

Eric N. Vander Weele added the comment: I came across this issue while researching where to post my patch (having come across this while building Python 2.7 & 3.x on AIX via xlc). > In general in C, if a bit-field has type “int” without a signed or unsigned > qualifier, it is up to the

[issue27794] setattr a read-only property; the AttributeError should show the attribute that failed

Xiang Zhang added the comment: One solution I can think of is alter the constructor of property() and add an optional name attribute to it. If users really care about the exception message, they can set the attribute to the property's name. If they don't care, everything remains the same as

Re: Does This Scare You?

On 2016-08-22, Steve D'Aprano wrote: > On Mon, 22 Aug 2016 09:50 pm, Jon Ribbens wrote: >> I don't know what purpose you are envisaging this function being used >> for, but the only one I can think of is input sanitisation. e.g. a web >> form where you receive a file

[issue27794] setattr a read-only property; the AttributeError should show the attribute that failed

R. David Murray added the comment: Not worth it. It would feel like boilerplate, and the situation where you want the information is almost invariably going to be one you didn't anticipate and so didn't "bother" with the name. Either that or you always have to do it, and the elegance of

Re: Does This Scare You?

On 2016-08-22 22:39, Chris Angelico wrote: > Nope. On Windows, you would try/except it. There are myriad other > ways something could fail, and the only correct action is to > attempt it. Most of the reserved names will simply give an error; The problem is that when opening such a pseudo-file,

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On 2016-08-23 02:20, Chris Angelico wrote: > It generally will (or rather, only if the file has one of a > particular set of extensions). Automatic thumbnailing is usually > done only for certain file names. I don't know of anything that > opens every single file to see if it has a JFIF signature

Re: saving octet-stream png file

On 2016-08-22, Larry Martell wrote: > On Sun, Aug 21, 2016 at 5:24 PM, Jon Ribbens > wrote: >> On 2016-08-19, Larry Martell wrote: >>> fd.write(request.POST[key]) >> >> You could try: >> >> request.encoding =

Re: Does This Scare You?

On 2016-08-22, Chris Angelico wrote: > I tried things like "con.txt" and it simply failed (no such file or > directory), without printing anything to the console. I'm not sure how you got that to fail, but writing to "con.txt" certainly does write to the console in Windows 10 -

Re: Does This Scare You?

On Tue, Aug 23, 2016 at 3:13 AM, eryk sun wrote: > On Mon, Aug 22, 2016 at 4:18 PM, Chris Angelico wrote: >> >>> The CON device should work if the process is attached to a console >>> (i.e. a conhost.exe instance). >> >> No, I used Pike (to avoid any

Re: saving octet-stream png file

On Fri, Aug 19, 2016 at 4:51 PM, Lawrence D’Oliveiro wrote: > On Saturday, August 20, 2016 at 6:03:53 AM UTC+12, Terry Reedy wrote: >> >> An 'octet' is a byte of 8 bits. > > Is there any other size of byte? Many, many years ago, probably c. 1982 my Dad came into my house

Re: Does This Scare You?

ile to a (possibly hidden) console or NUL device is not the same thing as failing with an error. If users explicitly open "NUL" or "\\.\NUL", I can detect that, and I have no problem with it (with some reservations about the former). But if they open files like "C:\Users\JoeUser\Do

[issue26331] PEP 515: Tokenizer: allow underscores for grouping in numeric literals

Xiang Zhang added the comment: Hi Georg, I left several comments on Rietveld. Hope it helps. -- nosy: +xiang.zhang ___ Python tracker ___

Re: saving octet-stream png file

On Mon, Aug 22, 2016 at 10:36 AM, Larry Martell wrote: > On Fri, Aug 19, 2016 at 4:24 PM, Chris Kaynor > wrote: >> On Fri, Aug 19, 2016 at 12:00 PM, Larry Martell >> wrote: >> >>> On Fri, Aug 19, 2016 at 1:24 PM, Chris

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman

On Tue, Aug 23, 2016 at 2:08 AM, Marko Rauhamaa wrote: > Random832 : > >> On Mon, Aug 22, 2016, at 11:40, Chris Angelico wrote: >>> Windows has some other issues, including that arbitrary files can >>> become executable very easily (eg if %PATHEXT%

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Mon, Aug 22, 2016 at 3:40 PM, Chris Angelico wrote: > Windows has some other issues, including that arbitrary files can > become executable very easily (eg if %PATHEXT% includes its file > extension), cmd uses PATHEXT to augment its search by appending each extension in the

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Tue, Aug 23, 2016 at 1:56 AM, Random832 wrote: >> And any GUI that automatically calculates thumbnails from >> image files (this includes Windows, Mac OS, and more than one Linux >> window manager) could potentially be attacked via a malformed file, >> simply by having

Re: Does This Scare You?

On Tue, Aug 23, 2016 at 1:54 AM, eryk sun wrote: > On Mon, Aug 22, 2016 at 1:17 PM, Chris Angelico wrote: >> I tried things like "con.txt" and it simply failed (no such file or >> directory), without printing anything to the console. > > Are you using IDLE or

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman

Random832 : > On Mon, Aug 22, 2016, at 11:40, Chris Angelico wrote: >> Windows has some other issues, including that arbitrary files can >> become executable very easily (eg if %PATHEXT% includes its file >> extension), and since the current directory is always at the >>

[issue27828] Regression in http.cookies parsing with single key without value

Yuriy Zhuravlev added the comment: >Any RFC I'm looking at says that the value is required, so your syntax is >simply not valid and is rejected by the parser. Perhaps but this cookies sets not by me (maybe JS ads widget or etc). And I can't fix it. I can't auth users because their cookies

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Mon, Aug 22, 2016, at 11:40, Chris Angelico wrote: > Windows has some other issues, including that arbitrary files can > become executable very easily (eg if %PATHEXT% includes its file > extension), and since the current directory is always at the beginning > of your path, this can easily turn

Re: Does This Scare You?

On Mon, Aug 22, 2016 at 1:17 PM, Chris Angelico wrote: > I tried things like "con.txt" and it simply failed (no such file or > directory), without printing anything to the console. Are you using IDLE or some other IDE that uses pythonw.exe instead of python.exe? If so, first

[issue27784] Random failure of test_TCPServer() of test.test_socketserver.SocketServerTest and test_handle_accept() of test.test_asyncore.TestAPI_UseIPv6Select on FreeBSD buildbots

Berker Peksag added the comment: Here is another one on koobs-freebsd10: http://buildbot.python.org/all/builders/AMD64%20FreeBSD%2010.x%20Shared%203.x/builds/4809/steps/test/logs/stdio test_handle_accept was fine this time. And this one is from koobs-freebsd9:

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Tue, Aug 23, 2016 at 12:21 AM, Ben Finney wrote: > > So yes, filenames from arbitrary sources should be *completely* > untrusted, and never used to access any file on the system. Throw the > entire filename away and make a filename locally, without using any part >

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Tue, Aug 23, 2016 at 12:34 AM, Random832 wrote: > On Mon, Aug 22, 2016, at 10:21, Ben Finney wrote: >> So yes, filenames from arbitrary sources should be *completely* >> untrusted, and never used to access any file on the system. Throw the >> entire filename away and

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On 2016-08-23 00:21, Ben Finney wrote: > So yes, filenames from arbitrary sources should be *completely* > untrusted, and never used to access any file on the system. Throw > the entire filename away and make a filename locally, without using > any part of the original name. Sadly, this ideal

Re: PEP suggestion: Uniform way to indicate Python language version

On Tue, Aug 23, 2016 at 12:29 AM, Random832 wrote: > On Mon, Aug 22, 2016, at 09:21, Steve D'Aprano wrote: >> Rather, you just use the features you rely on, document the minimum >> supported version, and if somebody is silly enough to try running your >> code >> under

[issue18139] email module should have a way to prepend and insert headers

Barry A. Warsaw added the comment: I meant .items() -- ___ Python tracker ___ ___ Python-bugs-list mailing

[issue18139] email module should have a way to prepend and insert headers

Barry A. Warsaw added the comment: I've updated this to Python 3.6, but I don't know if there's time to design an API and implementation in the time left before beta 1. But a use case has come up, so I want to reboot this discussion (yes, it should go to email-sig too). Apparently ARC

[issue18139] email module should have a way to prepend and insert headers

Changes by Barry A. Warsaw : -- versions: +Python 3.6 -Python 3.4 ___ Python tracker ___

[issue27587] Issues, reported by PVS-Studio static analyzer

Changes by Berker Peksag : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker

[issue27587] Issues, reported by PVS-Studio static analyzer

Roundup Robot added the comment: New changeset 51627344fc58 by Berker Peksag in branch '3.5': Issue #27587: Move null pointer check earlier in _PyState_AddModule() https://hg.python.org/cpython/rev/51627344fc58 New changeset 7d90bf4780ff by Berker Peksag in branch 'default': Issue #27587: Merge

Re: saving octet-stream png file

On Fri, Aug 19, 2016 at 4:24 PM, Chris Kaynor wrote: > On Fri, Aug 19, 2016 at 12:00 PM, Larry Martell > wrote: > >> On Fri, Aug 19, 2016 at 1:24 PM, Chris Angelico wrote: >> > On Sat, Aug 20, 2016 at 3:10 AM, Larry Martell

Re: saving octet-stream png file

On Sun, Aug 21, 2016 at 5:24 PM, Jon Ribbens wrote: > On 2016-08-19, Larry Martell wrote: >> fd.write(request.POST[key]) > > You could try: > > request.encoding = "iso-8859-1" > fd.write(request.POST[key].encode("iso-8859-1")) > > It's

Re: The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

On Mon, Aug 22, 2016, at 10:21, Ben Finney wrote: > So yes, filenames from arbitrary sources should be *completely* > untrusted, and never used to access any file on the system. Throw the > entire filename away and make a filename locally, without using any part > of the original name. To be

Re: PEP suggestion: Uniform way to indicate Python language version

On Mon, Aug 22, 2016, at 09:21, Steve D'Aprano wrote: > Rather, you just use the features you rely on, document the minimum > supported version, and if somebody is silly enough to try running your > code > under Python 1.4, they'll get a SyntaxError or an exception when you try > to > do something

The dangerous, exquisite art of safely handing user-uploaded files: Tom Eastman (was: Does This Scare You?)

Chris Angelico writes: > […] to be honest, I wouldn't accept file names from untrusted sources > on *any* system […] That's one of the wiser things said in this whole thread. > I'd use arbitrary numbers or hashes as the file names, and store the > originally-submitted file

Re: Does This Scare You?

On Mon, 22 Aug 2016 10:56 pm, Random832 wrote: > On Mon, Aug 22, 2016, at 08:39, Chris Angelico wrote: >> Nope. On Windows, you would try/except it. > > No, you can't, because the failure mode often isn't "file refuses to > open" but "data is written to a serial port". Ah, that's a good point.

Re: PEP suggestion: Uniform way to indicate Python language version

On Mon, 22 Aug 2016 10:52 pm, Random832 wrote: > On Mon, Aug 22, 2016, at 08:44, Chris Angelico wrote: >> However, I don't think it's particularly necessary. Explicit version >> number checks should be very rare, and shouldn't be encouraged. >> Instead, encourage feature checks, as Steve gave

Re: Does This Scare You?

On Mon, 22 Aug 2016 09:50 pm, Jon Ribbens wrote: > On 2016-08-22, Chris Angelico wrote: >> On Mon, Aug 22, 2016 at 8:33 PM, Jon Ribbens >> wrote: >>> On 2016-08-22, Steve D'Aprano wrote: On Mon, 22 Aug 2016 10:38 am,

[issue27660] Replace size_t with Py_ssize_t as the type of local variable in list_resize

Xiang Zhang added the comment: Ping. -- ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue27809] _PyObject_FastCall(): add support for keyword arguments

STINNER Victor added the comment: fastcall_macros.patch: * Rename _PyObject_FastCall() to _PyObject_FastCallDict() * Add _PyObject_FastCall(func, args, nargs) macro * Add _PyObject_CallArg1(func, arg) macro * Add _PyObject_CallNoArg(func) macro The 3 new macros call _PyObject_FastCallDict().

[issue27824] update ConfigParser docs regarding in-line comments

R. David Murray added the comment: The python3 docs do not mention inline comments. Perhaps we even want a documented deprecation here? -- ___ Python tracker

[issue27824] update ConfigParser docs regarding in-line comments

R. David Murray added the comment: Alternate proposal. Replace that whole paragraph with: Configuration files may include comments, prefixed by specific characters (# and ;). Comments may appear on their own in an otherwise empty line. If a line has a value or section name that does not

Re: PEP suggestion: Uniform way to indicate Python language version

On Monday, August 22, 2016 at 7:00:36 PM UTC+5:30, Steve D'Aprano wrote: > Realistically, by the time you convince people this is a useful feature, > write a patch and have the patch reviewed, you'll be looking at Python 3.7. > So 3.7 will have this new syntax "use version", and *no other

Re: PEP suggestion: Uniform way to indicate Python language version

On Mon, 22 Aug 2016 08:32 pm, rocky wrote: > On Monday, August 22, 2016 at 1:36:07 AM UTC-4, Steven D'Aprano wrote: [...] >> But... I don't understand what this proposal actually is. We already have >> a uniform way to indicate the Python language version: check sys.version, >> or

[issue27809] _PyObject_FastCall(): add support for keyword arguments

STINNER Victor added the comment: > _PyObject_FastCallKeywords(PyObject **args, int nargs, PyObject **kwargs, int > nkwargs): nkwargs is the number of (key, value) pairs Hum, I don't know if it's worth to "split" the C array into two parts. Maybe it can be just:

Re: Does This Scare You?

On Mon, Aug 22, 2016 at 10:56 PM, Random832 wrote: >> Most of the reserved names will simply give an error; the only way >> you'd actually get incorrect behaviour is if the file name, including >> extension, is exactly a device name. > > I think the reason you believe this

Re: PEP suggestion: Uniform way to indicate Python language version

Random832 : > The problem is when you want to write a large body of code that just > *uses* lots of features (including syntactic features), *without* > checking for them. Ordinarily, that's the job of package management. The installer will perform the necessary checks for

[issue27818] Speed up number format spec parsing

STINNER Victor added the comment: -while (pos ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue27213] Rework CALL_FUNCTION* opcodes

STINNER Victor added the comment: See also the issue #27809 "_PyObject_FastCall(): add support for keyword arguments" where we discuss if we can completely avoid the creation of a temporary dictionary to pass keyword arguments. -- ___ Python

Re: Does This Scare You?

On Mon, Aug 22, 2016 at 12:39 PM, Chris Angelico wrote: > > Nope. On Windows, you would try/except it. There are myriad other ways No, I would not rely on exceptions in this case. Both \\.\CON and \\.\NUL can be opened for both reading and writing, so you may not detect the

  1   2   >