environment variable, to provide an opt-in way to protect against denial of
service attacks due to hash collisions within the dict and set types. Patch
by David Malcolm, based on work by Victor Stinner.
svn+ssh://pythondev@svn.python.org/python/trunk
........
r81398 | antoine.pitrou | 2010-05-21 19:12:38 +0200 (ven., 21 mai 2010) | 6 lines
Issue #5753: A new C API function, :cfunc:`PySys_SetArgvEx`, allows
embedders of the interpreter to set sys.argv without also modifying
sys.path. This helps fix `CVE-2008-5983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983>`_.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r72871 | benjamin.peterson | 2009-05-23 14:24:37 -0500 (Sat, 23 May 2009) | 1 line
support building with subversion 1.7 #6094
........
r72872 | benjamin.peterson | 2009-05-23 14:31:02 -0500 (Sat, 23 May 2009) | 1 line
reorder name
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r68521 | hirokazu.yamamoto | 2009-01-11 04:28:13 +0100 (So, 11 Jan 2009) | 1 line
Fixed version number in build_ssl.bat.
........
r68527 | martin.v.loewis | 2009-01-11 10:43:55 +0100 (So, 11 Jan 2009) | 2 lines
Issue #4895: Use _strdup on Windows CE.
........
r68534 | gregory.p.smith | 2009-01-11 18:53:33 +0100 (So, 11 Jan 2009) | 2 lines
correct email address
........
r68535 | gregory.p.smith | 2009-01-11 18:57:54 +0100 (So, 11 Jan 2009) | 9 lines
Update the documentation for binascii and zlib crc32/adler32 functions
to better describe the signed vs unsigned return value behavior on
different platforms and versions of python. Mention the workaround to
make them all return the same thing by using & 0xffffffff.
Fixes issue4903.
Also needs to be merged into release26-maint, release30-maint, & py3k.
........
r68536 | benjamin.peterson | 2009-01-11 20:48:15 +0100 (So, 11 Jan 2009) | 1 line
add email addresses
........
r68540 | martin.v.loewis | 2009-01-12 08:57:11 +0100 (Mo, 12 Jan 2009) | 2 lines
Issue #4915: Port sysmodule to Windows CE.
........
r68547 | kristjan.jonsson | 2009-01-12 19:09:27 +0100 (Mo, 12 Jan 2009) | 1 line
Add tests for invalid format specifiers in strftime, and for handling of invalid file descriptors in the os module.
........
r68552 | vinay.sajip | 2009-01-12 21:36:18 +0100 (Mo, 12 Jan 2009) | 1 line
Minor changes/corrections in markup.
........
r68563 | benjamin.peterson | 2009-01-13 02:49:10 +0100 (Di, 13 Jan 2009) | 1 line
small logic correction
........
r68570 | raymond.hettinger | 2009-01-13 10:08:32 +0100 (Di, 13 Jan 2009) | 5 lines
Issue 4922: Incorrect comments for MutableSet.add() and MutableSet.discard().
Needs to be backported to 2.6 and forward ported to 3.0 and 3.1.
........
r68572 | andrew.kuchling | 2009-01-13 14:40:54 +0100 (Di, 13 Jan 2009) | 1 line
Note that first coord. is left alone
........
r68575 | thomas.heller | 2009-01-13 18:32:28 +0100 (Di, 13 Jan 2009) | 1 line
Fix refcount leak in error cases. Bug found by coverity.
........
r68579 | benjamin.peterson | 2009-01-13 22:42:23 +0100 (Di, 13 Jan 2009) | 1 line
make bytearrayobject.o depend on the stringlib #4936
........
r68580 | benjamin.peterson | 2009-01-13 22:43:11 +0100 (Di, 13 Jan 2009) | 1 line
add bytearrayobject.h to PYTHON_HEADERS
........
r68584 | benjamin.peterson | 2009-01-13 23:22:41 +0100 (Di, 13 Jan 2009) | 1 line
de-spacify
........
'warnings' code in places where it was previously not possible (e.g., the
parser). It could also potentially lead to a speed-up in interpreter start-up
if the C version of the code (_warnings) is imported over the use of the
Python version in key places.
Closes issue #1631171.
I implemented the function sys._compact_freelists() and C API functions PyInt_/PyFloat_CompactFreeList() to compact the pre-allocated blocks of ints and floats. They allow the user to reduce the memory usage of a Python process that deals with lots of numbers.
The patch also renames sys._cleartypecache to sys._clear_type_cache
Added PyFloat_GetMax(), PyFloat_GetMin() and PyFloat_GetInfo() to the float API.
Added a dictionary sys.float_info with information about the internal floating point type to the sys module.
When running the interpreter in an environment that would cause it to set
stdout/stderr/stdin's encoding, having a sitecustomize that would replace
them with something other than PyFile objects would crash the interpreter.
Fix it by simply ignoring the encoding-setting for non-files.
This could do with a test, but I can think of no maintainable and portable
way to test this bug, short of adding a sitecustomize.py to the buildsystem
and have it always run with it (hmmm....)
some warnings from Klokwork. They verify the assumptions of the format
of svn version output.
The assert in the thread module helped debug a problem on HP-UX.
* unified the way intobject, longobject and mystrtoul handle
values around -sys.maxint-1.
* in general, trying to entierely avoid overflows in any computation
involving signed ints or longs is extremely involved. Fixed a few
simple cases where a compiler might be too clever (but that's all
guesswork).
* more overflow checks against bad data in marshal.c.
* 2.5 specific: fixed a number of places that were still confusing int
and Py_ssize_t. Some of them could potentially have caused
"real-world" breakage.
* list.pop(x): fixing overflow issues on x was messy. I just reverted
to PyArg_ParseTuple("n"), which does the right thing. (An obscure
test was trying to give a Decimal to list.pop()... doesn't make
sense any more IMHO)
* trying to write a few tests...
exact maximum size someone guesses is needed. In this case, if
we're really worried about extreme integers, then "cp%d" can
actually need 14 bytes (2 for "cp" + 1 for \0 at the end +
11 for -(2**31-1)). So reserve 128 bytes instead -- nothing is
actually saved by making a stack-local buffer tiny.