Commit Graph

5721 Commits

Author SHA1 Message Date
Gregory P. Smith c10f5c2828 Fixes Issue 14234: fix for the previous commit, keep compilation when
using --with-system-expat working when the system expat does not have
salted hash support.
2012-03-14 18:12:23 -07:00
Gregory P. Smith c8ff46032f Fixes Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
2012-03-14 15:28:10 -07:00
Éric Araujo 7f4b3be2cc Fix typo “seperator” 2012-02-26 01:41:39 +01:00
Georg Brandl 66e565ee48 merge with 2.6 2012-02-21 22:38:31 +01:00
Georg Brandl 3aec568e6e Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion. 2012-02-21 22:36:27 +01:00
Benjamin Peterson 6647113419 merge 2.6 2012-02-21 15:09:08 -05:00
Benjamin Peterson 4e171d12da don't need this hack anymore 2012-02-21 15:08:51 -05:00
Antoine Pitrou 776af4002b Fix crash at startup with -W options. 2012-02-21 20:42:48 +01:00
Antoine Pitrou cc3fa88a9c Fix crash at startup with -W options. 2012-02-21 20:42:48 +01:00
Barry Warsaw 8757cad394 Backport fix from default branch for ./python -R -Wd where hash('d') would not
have gotten randomized.
2012-02-21 11:16:06 -05:00
Petri Lehtinen 4ab701b2d3 sqlite3: Fix 64-bit integer handling in user functions on 32-bit architectures
Closes #8033.
2012-02-21 14:04:46 +02:00
Benjamin Peterson 9be6c3ddf0 kill interned strings computed before random initialization 2012-02-21 00:40:14 -05:00
Benjamin Peterson aee9dfba4a merge 2.6 with hash randomization fix 2012-02-20 21:44:56 -05:00
Barry Warsaw 1e13eb084f - Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
environment variable, to provide an opt-in way to protect against denial of
  service attacks due to hash collisions within the dict and set types.  Patch
  by David Malcolm, based on work by Victor Stinner.
2012-02-20 20:42:21 -05:00
Antoine Pitrou dd7e071b23 Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert(). 2012-02-15 22:25:27 +01:00
Antoine Pitrou c39cd783fb Issue #13015: Fix a possible reference leak in defaultdict.__repr__.
Patch by Suman Saha.
2012-02-15 02:42:46 +01:00
Petri Lehtinen c7fd523ac5 Issue #10811: Fix recursive usage of cursors. Instead of crashing, raise a ProgrammingError now. 2012-02-06 22:04:00 +02:00
Charles-François Natali e0e88b0483 Issue #13817: After fork(), reinit the ad-hoc TLS implementation earlier to fix
a random deadlock when fork() is called in a multithreaded process in debug
mode, and make PyOS_AfterFork() more robust.
2012-02-02 19:57:19 +01:00
Petri Lehtinen 0518f470b1 sqlite3: Handle strings with embedded zeros correctly
Closes #13676.
2012-02-01 22:20:13 +02:00
Antoine Pitrou 88c51e8cb1 Issue #13806: The size check in audioop decompression functions was too strict and could reject valid compressed data.
Patch by Oleg Plakhotnyuk.
2012-01-28 22:01:59 +01:00
Antoine Pitrou 374b4ea9da Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. 2012-01-27 09:44:08 +01:00
Antoine Pitrou d358e0554b Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. 2012-01-27 09:42:45 +01:00
Nadeem Vawda d7664dee0c Issue #13781: Fix GzipFile to work with os.fdopen()'d file objects. 2012-01-19 00:40:46 +02:00
Jesus Cea 2ab4a91f43 Berkeley DB: Erratic behaviour of "DBEnv->rep_elect()" because a typo 2012-01-16 23:57:34 +01:00
Amaury Forgeot d'Arc dee76e627d Issue #13774: json: Fix a SystemError when a bogus encoding is passed to
json.loads().
2012-01-13 22:53:25 +01:00
Charles-François Natali 3aa59e327c Issue #9975: socket: Fix incorrect use of flowinfo and scope_id. Patch by
Vilmos Nebehaj.
2012-01-02 15:38:27 +01:00
Charles-François Natali b275e2d5e5 Issue #4028: Make multiprocessing build on SunOS. 2011-12-14 18:35:55 +01:00
Raymond Hettinger f537702732 Issue #13573: The csv.writer now uses the repr() for floats rather than str(). 2011-12-11 22:31:09 -08:00
Florent Xicluna b918bdc92c Fix docstring typo. 2011-12-09 23:40:27 +01:00
Victor Stinner 9f915d9c20 Issue #13093: Fix _testcapi.unicode_encodedecimal()
_testcapimodule.c is not "ssize_t" safe in Python 2.7: the length argument type
is int, not Py_ssize_t.
2011-11-29 00:53:09 +01:00
Charles-François Natali 93a1175bac Issue #13415: Test in configure if unsetenv() has a return value or not. 2011-11-27 13:01:35 +01:00
Benjamin Peterson 42d96dc07d no python objects to manage here 2011-11-22 23:56:06 -06:00
Benjamin Peterson fde82169e1 plug refleak 2011-11-22 23:12:49 -06:00
Antoine Pitrou aa1c967f93 Issue #13458: Fix a memory leak in the ssl module when decoding a certificate with a subjectAltName.
Patch by Robert Xiao.
2011-11-23 01:39:19 +01:00
Victor Stinner 53853c3fa9 Issue #13415: os.unsetenv() doesn't ignore errors anymore. 2011-11-22 22:20:13 +01:00
Victor Stinner 975134e2a2 Issue #13093: Fix error handling on PyUnicode_EncodeDecimal()
Add tests for PyUnicode_EncodeDecimal()
2011-11-22 01:54:19 +01:00
Antoine Pitrou 5aa7df320f Issue #13322: Fix BufferedWriter.write() to ensure that BlockingIOError is
raised when the wrapped raw file is non-blocking and the write would block.
Previous code assumed that the raw write() would raise BlockingIOError, but
RawIOBase.write() is defined to returned None when the call would block.
Patch by sbt.
2011-11-21 20:16:44 +01:00
Florent Xicluna 0965ee213e Issue #2892: preserve iterparse events in case of SyntaxError 2011-11-01 23:34:41 +01:00
Florent Xicluna 67d5d0ed44 Closes #7334: close source files on ElementTree.parse and iterparse (partial backport of issue #10093 from 3.2). 2011-10-29 03:38:56 +02:00
Antoine Pitrou 5a77fe92bd Issue #1548891: The cStringIO.StringIO() constructor now encodes unicode
arguments with the system default encoding just like the write() method
does, instead of converting it to a raw buffer.
2011-10-22 21:26:01 +02:00
Senthil Kumaran d583068e7d Fix Issue 12604 - Use a proper no-op macro expansion for VTRACE macro in _sre.c 2011-10-20 02:13:23 +08:00
Benjamin Peterson a7b0976c3e PyEval_CallObject requires a tuple of args (closes #13186) 2011-10-15 13:43:21 -04:00
Nadeem Vawda 36248154a9 Issue #13159: Replace FileIO's quadratic-time buffer growth algorithm with a linear-time one.
Also fix the builtin file class and the bz2 module, which used the same algorithm.
2011-10-13 13:52:46 +02:00
Charles-François Natali 46180751e9 Merge. 2011-10-12 21:10:02 +02:00
Charles-François Natali 1f3ff7bc3f Issue #13156: revert changeset f6feed6ec3f9, which was only relevant for native
TLS implementations, and fails with the ad-hoc TLS implementation when a thread
doesn't have an auto thread state (e.g. a thread created outside of Python
calling into a subinterpreter).
2011-10-12 21:07:54 +02:00
Charles-François Natali 9ffcbf71a5 Issue #13070: Fix a crash when a TextIOWrapper caught in a reference cycle
would be finalized after the reference to its underlying BufferedRWPair's
writer got cleared by the GC.
2011-10-06 19:09:45 +02:00
Antoine Pitrou 44b3b5457a Remove all other uses of the C tolower()/toupper() which could break with a Turkish locale.
(except in the strop module, which is deprecated anyway)
2011-10-04 13:55:37 +02:00
Antoine Pitrou ace2ccf387 Issue #13099: Fix sqlite3.Cursor.lastrowid under a Turkish locale.
Reported and diagnosed by Thomas Kluyver.
2011-10-04 13:38:04 +02:00
Antoine Pitrou 561a821e93 Issue #7689: Allow pickling of dynamically created classes when their
metaclass is registered with copyreg.  Patch by Nicolas M. Thiéry and
Craig Citro.
2011-10-04 09:34:48 +02:00
Meador Inge ad349a190e Issue #12881: ctypes: Fix segfault with large structure field names. 2011-10-03 21:34:04 -05:00
Antoine Pitrou f06eb46918 Issue #13034: When decoding some SSL certificates, the subjectAltName extension could be unreported. 2011-10-01 19:30:58 +02:00
Charles-François Natali 564f89036f Issue #13058: ossaudiodev: fix a file descriptor leak on error. Patch by Thomas
Jarosch.
2011-09-29 19:43:01 +02:00
Meador Inge fe15003680 Issue #13013: ctypes: Fix a reference leak in PyCArrayType_from_ctype.
Thanks to Suman Saha for finding the bug and providing a patch.
2011-09-27 20:35:28 -05:00
Mark Dickinson a96b0d119d Backport issue #12973 itertools fix from 3.x. 2011-09-24 09:01:16 +01:00
Jesus Cea c23484b21f Close #13022: _multiprocessing.recvfd() doesn't check that file descriptor was actually received 2011-09-21 03:47:39 +02:00
Stefan Krah 7711273ce8 Use bitwise instead of logical or for flags. 2011-09-15 22:56:00 +02:00
Amaury Forgeot d'Arc 439c25eb9e Issue #12483: ctypes: Fix a crash when the destruction of a callback
object triggers the garbage collector.
2011-09-12 20:12:09 +02:00
Jesus Cea 79e7c4e395 Close #12950: multiprocessing "test_fd_transfer" fails under OpenIndiana 2011-09-10 04:04:09 +02:00
Amaury Forgeot d'Arc cf316a171e Issue #12764: Fix a crash in ctypes when the name of a Structure field is not
a string.
2011-09-02 20:32:23 +02:00
Amaury Forgeot d'Arc 3d7f236329 Issue #9651: Fix a crash when ctypes.create_string_buffer(0) was passed to
some functions like file.write().
2011-08-30 21:04:35 +02:00
Charles-François Natali fda7b379ac Issue #12287: Fix a stack corruption in ossaudiodev module when the FD is
greater than FD_SETSIZE.
2011-08-28 16:22:33 +02:00
Nadeem Vawda bbabbae114 Issue #12839: Fix crash in zlib module due to version mismatch.
If the version of zlib used to compile the zlib module is incompatible
with the one that is actually linked in, then calls into zlib will fail.
This can leave attributes of the z_stream uninitialized, so we must take
care to avoid segfaulting by trying to use an invalid pointer.

Fix by Richard M. Tew.
2011-08-28 11:23:57 +02:00
Antoine Pitrou a1a8da8bf5 Issue #11657: Fix sending file descriptors over 255 over a multiprocessing Pipe.
Also added some tests.
2011-08-23 19:54:20 +02:00
Antoine Pitrou 808cec536a Issue #12213: Fix a buffering bug with interleaved reads and writes that
could appear on io.BufferedRandom streams.
2011-08-20 15:40:58 +02:00
Ezio Melotti ca5e908c6e #12725: fix working. Patch by Ben Hayden. 2011-08-14 08:27:36 +03:00
Benjamin Peterson 0f8acebd53 dosmodule is, thankfully, no more 2011-08-04 11:07:42 -05:00
Eli Bendersky eaf312a0a4 Issue #12434: make StringIO.write error message consistent with Python 2.7 nomenclature 2011-07-22 14:39:55 +03:00
Barry Warsaw c56432804a - Issue #10309: Define _GNU_SOURCE so that mremap() gets the proper
signature.  Without this, architectures where sizeof void* != sizeof int are
  broken.  Patch given by Hallvard B Furuseth.
2011-07-19 17:06:30 -04:00
Victor Stinner 59729ff609 Issue #9611, #9015: FileIO.read(), FileIO.readinto(), FileIO.write() and
os.write() clamp the length to INT_MAX on Windows.
2011-07-05 11:28:19 +02:00
Antoine Pitrou ff48c0a89b Really fix issue #10898: posixmodule.c redefines FSTAT 2011-07-01 22:56:03 +02:00
Senthil Kumaran 2bd9100b2a Fix closes issue 11568 - update select.epoll.register docstring with mention of correct behavior. 2011-06-26 23:50:35 -07:00
Ross Lagerwall ffa8e2fb56 Issue 12404: Remove C89 incompatible code from mmap module.
Patch by Akira Kitada.
2011-06-25 09:55:10 +02:00
Brian Curtin 5446f08c60 Correction to f1509fc75435 - Issue #11583
Rather than wrapping the C _isdir function in a Python function,
just import the C _isdir function directly. Additionally, add in the
docstring which was left out.
2011-06-09 10:00:42 -05:00
Brian Curtin caea7e8d23 Merge 2011-06-08 19:29:53 -05:00
Victor Stinner 9a1662c2f0 Issue #12016: Reindent decoders of HK and JP codecs 2011-06-03 23:35:27 +02:00
Éric Araujo 2845365bf2 Branch merge 2011-06-01 19:28:26 +02:00
Benjamin Peterson 4ba009d8dc simply use the Python version for pyexpat.__version__ #12221 2011-05-31 18:59:49 -05:00
Éric Araujo f2f8503b65 Fix error message to use the Python name instead of the C name 2011-05-31 14:08:40 +02:00
Victor Stinner daf17e9bc8 Issue #12175: RawIOBase.readall() now returns None if read() returns None. 2011-05-25 22:52:37 +02:00
Victor Stinner 5100a405dc Issue #12175: FileIO.readall() now raises a ValueError instead of an IOError if
the file is closed.
2011-05-25 22:15:36 +02:00
Victor Stinner 40b41e1ffd Issue #12100: Don't reset incremental encoders of CJK codecs at each call to
their encode() method anymore, but continue to call the reset() method if the
final argument is True.
2011-05-24 22:29:13 +02:00
Victor Stinner f58f1c33c1 Issue #12124: zipimport doesn't keep a reference to zlib.decompress() anymore
to be able to unload the module.
2011-05-21 02:13:22 +02:00
Benjamin Peterson 6116d4a1d1 stop using the old brain-dead interface for providing attributes/methods
This closes #12099.
2011-05-17 18:31:20 -05:00
Nadeem Vawda 0cc4fd9df7 Issue #12050: zlib.decompressobj().decompress() now clears the unconsumed_tail
attribute when called without a max_length argument.
2011-05-14 14:29:07 +02:00
Antoine Pitrou ee46a7bf9c Issue #12062: In the `io` module, fix a flushing bug when doing a certain
type of I/O sequence on a file opened in read+write mode (namely: reading,
seeking a bit forward, writing, then seeking before the previous write but
still within buffered data, and writing again).
2011-05-13 00:31:52 +02:00
Ezio Melotti c1ec7b5d44 #12051: Fix segfault in json.dumps() while encoding highly-nested objects using the C accelerations. 2011-05-11 00:55:35 +03:00
Antoine Pitrou 47d1d0dc30 Issue #8498: In socket.accept(), allow to specify 0 as a backlog value in
order to accept exactly one connection.  Patch by Daniel Evers.
2011-05-10 19:16:03 +02:00
Victor Stinner b1241f9619 (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
2011-05-10 01:52:03 +02:00
Ezio Melotti 0639be6505 #10169: Fix argument parsing in socket.sendto() to avoid error masking. 2011-05-07 19:21:22 +03:00
Ezio Melotti cec464951e #12017: Fix segfault in json.loads() while decoding highly-nested objects using the C accelerations. 2011-05-07 17:40:23 +03:00
Ezio Melotti f5164f6e93 #11982: remove now unused function. 2011-05-04 15:28:31 +03:00
Ezio Melotti df8a8f768d #11982: fix json.loads('""') to return u'' rather than ''. 2011-05-04 14:40:53 +03:00
Victor Stinner 112d48ac17 (Merge 3.1) Issue #11277: mmap.mmap() calls fcntl(fd, F_FULLFSYNC) on Mac OS X
to get around a mmap bug with sparse files. Patch written by Steffen Daode
Nurpmeso.
2011-05-03 14:36:36 +02:00
Antoine Pitrou 4394e0db24 Issue #10517: After fork(), reinitialize the TLS used by the PyGILState_*
APIs, to avoid a crash with the pthread implementation in RHEL 5.  Patch
by Charles-François Natali.
2011-04-27 19:20:48 +02:00
Victor Stinner 33feeab598 (Merge 3.1) Issue #11768: The signal handler of the signal module only calls
Py_AddPendingCall() for the first signal to fix a deadlock on reentrant or
parallel calls. PyErr_SetInterrupt() writes also into the wake up file.
2011-04-18 16:33:28 +02:00
Ezio Melotti e575f10c51 Remove unnecessary call to PyErr_Clear. 2011-04-11 03:45:25 +03:00
Ezio Melotti 8b4367ec10 #4877: Fix a segfault in xml.parsers.expat while attempting to parse a closed file. 2011-04-11 03:44:28 +03:00
Senthil Kumaran bb4e470dcd hg pull/merge - Changes to accomodate. 2011-04-06 14:41:42 +08:00
Senthil Kumaran 792eb5dc84 Issue #10762: Guard against invalid/non-supported format string '%f' on Windows. Patch Santoso Wijaya. 2011-04-06 14:27:47 +08:00
Alexander Belopolsky 07019bcaab Issue #11576: Fixed timedelta subtraction glitch on big timedelta values 2011-04-05 22:12:22 -04:00