Commit Graph

1916 Commits

Author SHA1 Message Date
Éric Araujo eeebc44db4
Reorder entries in Misc/ACKS (GH-17663) (GH-17672) 2019-12-28 15:41:48 -05:00
Miss Islington (bot) cb6085138a
bpo-38804: Fix REDoS in http.cookiejar (GH-17157)
The regex http.cookiejar.LOOSE_HTTP_DATE_RE was vulnerable to regular
expression denial of service (REDoS).

LOOSE_HTTP_DATE_RE.match is called when using http.cookiejar.CookieJar
to parse Set-Cookie headers returned by a server.
Processing a response from a malicious HTTP server can lead to extreme
CPU usage and execution will be blocked for a long time.

The regex contained multiple overlapping \s* capture groups.
Ignoring the ?-optional capture groups the regex could be simplified to

    \d+-\w+-\d+(\s*\s*\s*)$

Therefore, a long sequence of spaces can trigger bad performance.

Matching a malicious string such as

    LOOSE_HTTP_DATE_RE.match("1-c-1" + (" " * 2000) + "!")

caused catastrophic backtracking.

The fix removes ambiguity about which \s* should match a particular
space.

You can create a malicious server which responds with Set-Cookie headers
to attack all python programs which access it e.g.

    from http.server import BaseHTTPRequestHandler, HTTPServer

    def make_set_cookie_value(n_spaces):
        spaces = " " * n_spaces
        expiry = f"1-c-1{spaces}!"
        return f"b;Expires={expiry}"

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            self.log_request(204)
            self.send_response_only(204)  # Don't bother sending Server and Date
            n_spaces = (
                int(self.path[1:])  # Can GET e.g. /100 to test shorter sequences
                if len(self.path) > 1 else
                65506  # Max header line length 65536
            )
            value = make_set_cookie_value(n_spaces)
            for i in range(99):  # Not necessary, but we can have up to 100 header lines
                self.send_header("Set-Cookie", value)
            self.end_headers()

    if __name__ == "__main__":
        HTTPServer(("", 44020), Handler).serve_forever()

This server returns 99 Set-Cookie headers. Each has 65506 spaces.
Extracting the cookies will pretty much never complete.

Vulnerable client using the example at the bottom of
https://docs.python.org/3/library/http.cookiejar.html :

    import http.cookiejar, urllib.request
    cj = http.cookiejar.CookieJar()
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(cj))
    r = opener.open("http://localhost:44020/")

The popular requests library was also vulnerable without any additional
options (as it uses http.cookiejar by default):

    import requests
    requests.get("http://localhost:44020/")

* Regression test for http.cookiejar REDoS

If we regress, this test will take a very long time.

* Improve performance of http.cookiejar.ISO_DATE_RE

A string like

"444444" + (" " * 2000) + "A"

could cause poor performance due to the 2 overlapping \s* groups,
although this is not as serious as the REDoS in LOOSE_HTTP_DATE_RE was.
(cherry picked from commit 1b779bfb85)

Co-authored-by: bcaller <bcaller@users.noreply.github.com>
2019-11-22 06:42:13 -08:00
Miss Islington (bot) e4be7c8ba1 Improve clarity of try-return-finally-return (GH-15677) (GH-15982)
Clarify execution in try-return-finally-return case.
(cherry picked from commit 0cc27417f2)

Co-authored-by: toonarmycaptain <toonarmycaptain@hotmail.com>
2019-09-11 19:42:09 +02:00
Miss Islington (bot) f3480ad088
[3.8] bpo-37409: fix relative import with no parent (GH-14956) (GH-15913)
Relative imports use resolve_name to get the absolute target name,
which first seeks the current module's absolute package name from the globals:
If __package__ (and __spec__.parent) are missing then
import uses __name__, truncating the last segment if
the module is a submodule rather than a package __init__.py
(which it guesses from whether __path__ is defined).

The __name__ attempt should fail if there is no parent package (top level modules),
if __name__ is '__main__' (-m entry points), or both (scripts).
That is, if both __name__ has no subcomponents and the module does not seem
to be a package __init__ module then import should fail.
(cherry picked from commit 92420b3e67)

Co-authored-by: Ben Lewis <benjimin@users.noreply.github.com>
(cherry picked from commit 0a6693a469)

Co-authored-by: Brett Cannon <54418+brettcannon@users.noreply.github.com>
2019-09-11 05:50:14 -07:00
Miss Islington (bot) 16af39aa84
bpo-37902: IDLE: Add scrolling for IDLE browsers. (GH-15368)
Modify the wheel event handler so it can also be used for module, path, and stack browsers.
Patch by George Zhang.
(cherry picked from commit 2cd9025858)

Co-authored-by: GeeTransit <geetransit@gmail.com>
2019-09-04 18:58:22 -07:00
Ashwin Ramaswami ea21389dda [3.7] bpo-37764: Fix infinite loop when parsing unstructured email headers. (GH-15239) (GH-15654)

Fixes a case in which email._header_value_parser.get_unstructured hangs the system for some invalid headers. This covers the cases in which the header contains either:
- a case without trailing whitespace
- an invalid encoded word

https://bugs.python.org/issue37764

This fix should also be backported to 3.7 and 3.8

(cherry picked from commit c5b242f87f)

Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
2019-09-03 09:42:53 -07:00
Miss Islington (bot) 6b50c10f67
bpo-37372: Fix error unpickling datetime.time objects from Python 2 with seconds>=24. (GH-14307)
(cherry picked from commit 122376df55)

Co-authored-by: Justin Blanchard <UncombedCoconut@gmail.com>
2019-08-29 00:57:41 -07:00
Paul Ganssle ed44b84961
bpo-37642: Update acceptable offsets in timezone (GH-14878) (#15226)
This fixes an inconsistency between the Python and C implementations of
the datetime module. The pure python version of the code was not
accepting offsets greater than 23:59 but less than 24:00. This is an
accidental legacy of the original implementation, which was put in place
before tzinfo allowed sub-minute time zone offsets.

GH-14878

(cherry picked from commit 92c7e30adf)
2019-08-15 15:09:37 -04:00
Miss Islington (bot) b0b178a2b8
bpo-37811: FreeBSD, OSX: fix poll(2) usage in sockets module (GH-15202)
FreeBSD implementation of poll(2) restricts the timeout argument to be
either zero, or positive, or equal to INFTIM (-1).

Unless otherwise overridden, socket timeout defaults to -1. This value
is then converted to milliseconds (-1000) and used as argument to the
poll syscall. poll returns EINVAL (22), and the connection fails.

This bug was discovered during the EINTR handling testing, and the
reproduction code can be found in
https://bugs.python.org/issue23618 (see connect_eintr.py,
attached). On GNU/Linux, the example runs as expected.

This change is trivial:
If the supplied timeout value is negative, truncate it to -1.
(cherry picked from commit 2814620657)

Co-authored-by: Artem Khramov <akhramov@pm.me>
2019-08-14 14:48:03 -07:00
Miss Islington (bot) 33b700ba8c
bpo-37723: Fix performance regression on regular expression parsing. (GH-15030)
Improve performance of sre_parse._uniq function.
(cherry picked from commit 9f55551f3d)

Co-authored-by: yannvgn <hi@yannvgn.io>
2019-07-31 13:22:19 -07:00
Miss Islington (bot) 849a37a2b6
bpo-37627: Add acknowledgment (GH-14883)
(cherry picked from commit 4214f1ec3b)

Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
2019-07-21 13:38:01 -07:00
Miss Islington (bot) d1524148cd
bpo-30088: Document that existing dir structure isn't verified by mailbox.Maildir (GH-1163)
Hi,

I've faced an issue w/ `mailbox.Maildir()`. The case is following:
1. I create a folder with `tempfile.TemporaryDirectory()`, so it's empty
2. I pass that folder path as an argument when instantiating `mailbox.Maildir()`
3. Then I receive an exception happening because "there's no such file or directory" (namely `cur`, `tmp` or `new`) during interaction with Maildir

**Expected result:** subdirs are created during `Maildir()` instance creation.

**Actual result:** subdirs are assumed as existing which leads to exceptions during use.

**Workaround:** remove the actual dir before passing the path to `Maildir()`. It will be created automatically with all subdirs needed.

**Fix:** This PR. Basically it adds creation of subdirs regardless of whether the base dir existed before.

https://bugs.python.org/issue30088
(cherry picked from commit e44184749c)

Co-authored-by: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
2019-07-13 07:59:32 -07:00
Miss Islington (bot) 6bd438e137 bpo-37014: Update docstring and Documentation of fileinput.FileInput(). (GH-13545) (GH-13753)
* bpo-37014: Update docstring and Documentation of fileinput.FileInput()

* Explain the behavior of fileinput.FileInput() when reading stdin.

* Update blurb.

* bpo-37014: Fix typo in the docstring and documentation.
(cherry picked from commit aca273e240)

Co-authored-by: Michele Angrisano <michele.angrisano@gmail.com>
2019-06-02 23:36:34 +02:00
Miss Islington (bot) 310f414bbd
bpo-23395: Fix PyErr_SetInterrupt if the SIGINT signal is ignored or not handled (GH-7778)
``_thread.interrupt_main()`` now avoids setting the Python error status if the ``SIGINT`` signal is ignored or not handled by Python.
(cherry picked from commit 608876b6b1)

Co-authored-by: Matěj Cepl <mcepl@cepl.eu>
2019-05-24 02:22:38 -07:00
Miss Islington (bot) 6b48e658bf
bpo-36929: Modify io/re tests to allow for missing mod name (GH-13392)
* bpo-36929: Modify io/re tests to allow for missing mod name

For a vanishingly small number of internal types, CPython sets the
tp_name slot to mod_name.type_name, either in the PyTypeObject or the
PyType_Spec. There are a few minor places where this surfaces:

* Custom repr functions for those types (some of which ignore the
  tp_name in favor of using a string literal, such as _io.TextIOWrapper)
* Pickling error messages

The test suite only tests the former. This commit modifies the test
suite to allow Python implementations to omit the module prefix.

https://bugs.python.org/issue36929
(cherry picked from commit ccb7ca728e)

Co-authored-by: Max Bernstein <tekknolagi@users.noreply.github.com>
2019-05-21 10:51:56 -07:00
Geoff Shannon cdb2dbfe92 [3.7] bpo-22865: Expand on documentation for the pty.spawn function (GH-11980) (GH-13455)
(cherry picked from commit 522ccef869)

Co-authored-by: Geoff Shannon <earthlingzephyr@gmail.com>
2019-05-21 11:36:57 +02:00
Miss Islington (bot) 3887932e10
bpo-35721: Close socket pair if Popen in _UnixSubprocessTransport fails (GH-11553)
This slightly expands an existing test case `test_popen_error` to trigger a `ResourceWarning` and fixes it.

https://bugs.python.org/issue35721
(cherry picked from commit 9932fd91e8)

Co-authored-by: Niklas Fiekas <niklas.fiekas@backscattering.de>
2019-05-20 05:35:56 -07:00
Steve Dower aa73841a8f
bpo-35926: Add support for OpenSSL 1.1.1b on Windows (GH-11779) 2019-05-16 09:41:36 -07:00
Miss Islington (bot) 30cccf084d bpo-36845: validate integer network prefix when constructing IP networks (GH-13298)
(cherry picked from commit 5e48e3db6f)

Co-authored-by: Nicolai Moore <niconorsk@gmail.com>
2019-05-14 20:00:16 +09:00
Miss Islington (bot) 0a5b88e7f2 bpo-24538: Fix bug in shutil involving the copying of xattrs to read-only files. (PR-13212) (#13234)
Extended attributes can only be set on user-writeable files, but shutil previously
first chmod()ed the destination file to the source's permissions and then tried to
copy xattrs. This will cause failures if attempting to copy read-only files with
xattrs, as occurs with Git clones on Lustre FS.
(cherry picked from commit 79efbb7193)

Co-authored-by: Olexa Bilaniuk <obilaniu@users.noreply.github.com>
2019-05-14 13:30:22 +08:00
Miss Islington (bot) 395bb94a7f
bpo-33922: Adding documentation for new "-64" suffix of Python launcher (GH-7849)
Since bpo-30291 it is possible to specify the architecture of Python when using the launcher
(cherry picked from commit 1e2ad6c275)

Co-authored-by: mrh1997 <mrh1997@users.noreply.github.com>
2019-04-12 15:32:33 -07:00
Miss Islington (bot) 1c79891026 bpo-35717: Fix KeyError exception raised when using enums and compile (GH-11523) (GH-11669)
https://bugs.python.org/issue17467
(cherry picked from commit 1fd06f1eca)

Co-authored-by: Rémi Lapeyre <remi.lapeyre@henki.fr>
2019-01-30 18:36:51 +01:00
Miss Islington (bot) 3c83cb7eed
bpo-35641: IDLE - format calltip properly when no docstring (GH-11415)
(cherry picked from commit ab54b9a130)

Co-authored-by: Emmanuel Arias <emmanuelarias30@gmail.com>
2019-01-03 01:44:47 -08:00
Miss Islington (bot) a11d44056e
bpo-35497: add versionadded tag for EPOLLEXCLUSIVE (GH-11162)
(cherry picked from commit 92330c0b6d)

Co-authored-by: Manjusaka <lizheao940510@gmail.com>
2018-12-19 04:05:48 -08:00
Miss Islington (bot) 96fb350bfd bpo-21263: Skip test_gdb when python has been compiled with LLVM clang (GH-10318) (GH-10325)
(cherry picked from commit 59668aa8b7)

Co-authored-by: Lysandros Nikolaou <lisandrosnik@gmail.com>
2018-11-04 16:40:02 -05:00
Miss Islington (bot) 44989bc269 bpo-34472: Add data descriptor signature to zipfile (GH-8871) (GH-9399)
This makes streamed zips compatible with MacOS Archive Utility and
other applications.
(cherry picked from commit 4ba3b50bfe)

Co-authored-by: Silas Sewell <silas@sewell.org>
2018-09-22 21:03:04 +03:00
Miss Islington (bot) 9835696ec4
bpo-34246: Use no mutable default args in smtplib (GH-8554)
Some methods of the SMTP class use mutable default arguments. Specially
`send_message` is affected as it mutates one of the args by appending items
to it, which has side effects on further calls.
(cherry picked from commit d5fbe9b1a3)

Co-authored-by: Pablo Aguiar <scorphus@gmail.com>
2018-09-07 15:29:27 -07:00
Miss Islington (bot) ad4f64d58c
bpo-34035: Fix several AttributeError in zipfile seek() methods. (GH-8527)
(cherry picked from commit 3f8c6913b8)

Co-authored-by: Mickaël Schoentgen <contact@tiger-222.fr>
2018-07-29 12:57:21 -07:00
Miss Islington (bot) 020f5ab717
bpo-33648: Remove PY_WARN_ON_C_LOCALE (GH-7114)
This code does not appear to be used anywhere in the python code base.
The use was removed in eb81795d7d.
(cherry picked from commit b91a3a0d61)

Co-authored-by: Eitan Adler <grimreaper@users.noreply.github.com>
2018-07-11 07:48:42 -07:00
Miss Islington (bot) a912305512
closes bpo-34050: Fix link in SSL docs (GH-8173)
(cherry picked from commit 9c5ba09748)

Co-authored-by: Marcin Niemira <marcin@niemira.net>
2018-07-07 15:47:35 -07:00
Miss Islington (bot) 0e2b76ea4e
bpo-29456: Fix bugs in unicodedata.normalize: u1176, u11a7 and u11c3 (GH-1958)
Hangul composition check boundaries are wrong for the second character
([0x1161, 0x1176) instead of [0x1161, 0x1176]) and third character ((0x11A7, 0x11C3)
instead of [0x11A7, 0x11C3]).
(cherry picked from commit d134809cd3)

Co-authored-by: Wonsup Yoon <pusnow@me.com>
2018-06-15 05:21:55 -07:00
Miss Islington (bot) ec4343c3b4 bpo-30167: Prevent site.main() exception if PYTHONSTARTUP is set. (GH-6731) (GH-7606)
Before Python 3.6, os.path.abspath(None) used to report an AttributeError which was properly caught inside site.abs_paths, making it ignore __main__, one of sys.modules, which has __file__ and __cached__ set to None. With 3.6, os.path.abspath(None) raises TypeError instead which site.abs_path was not expecting. This resulted in an uncaught exception if a user had PYTHONSTARTUP set and the application called site.main() which a number of third-party programs do.
(cherry picked from commit 2487f30d55)

Co-authored-by: Steve Weber <steverweber@gmail.com>
2018-06-10 21:21:35 -04:00
Miss Islington (bot) 073eca39a5
bpo-33542: Ignore DUID in uuid.get_node on Windows. (GH-6922)
uuid._ipconfig_getnode did not validate the maximum length of the value,
so long as the value had the same type of formatting as a MAC address.
This let it select DUIDs as MAC addresses. It now requires an exact
length match.
(cherry picked from commit c66c342cb4)

Co-authored-by: CtrlZvi <viz+github@flippedperspective.com>
2018-05-20 08:40:10 -07:00
Miss Islington (bot) d504108a88 bpo-13631: Fix the order of initialization for readline libedit on macOS. (GH-6915) (GH-6928)
The editline emulation needs to be initialized *after* the name is
defined. This fixes the long open issue.
(cherry picked from commit c2f082e9d1)

Co-authored-by: Zvezdan Petkovic <zpetkovic@acm.org>
2018-05-17 03:27:33 -04:00
Miss Islington (bot) 5195039bb5 bpo-33497: Add NEWS and ACKS entries. (GH-6838) (GH-6840)
(cherry picked from commit d063b84d9e)

Co-authored-by: Ned Deily <nad@python.org>
2018-05-14 18:21:10 -04:00
Miss Islington (bot) d74f35331f bpo-33281: NEWS and ACK (GH-6681) (GH-6682)
(cherry picked from commit 69a013ec18)

Co-authored-by: Ned Deily <nad@python.org>
2018-05-01 22:52:42 -04:00
Miss Islington (bot) 736f17fb8d
bpo-33256: Replace angle brackets around python object repr to display it in html (GH-6442)
(cherry picked from commit 7d68bfa826)

Co-authored-by: sblondon <sblondon@users.noreply.github.com>
2018-04-29 12:10:12 -07:00
Miss Islington (bot) 237148ecc0 acks += Zsolt Dollenstein (GH-6490) (GH-6492)
(cherry picked from commit 2bea947628)

Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2018-04-16 17:26:25 -07:00
Miss Islington (bot) 9b25bd6e26
bpo-31920: Fixed handling directories as arguments in the ``pygettext`` script. (GH-6259)
Based on patch by Oleg Krasnikov.
(cherry picked from commit c93938b5be)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-04-09 10:57:52 -07:00
Miss Islington (bot) 3c193cf8af [3.7] bpo-29673: fix gdb scripts pystack and pystackv (GH-6126) (GH-6399)
(cherry picked from commit 3a9ccee0e5)

Co-authored-by: Marcel Plch <gmarcel.plch@gmail.com>
2018-04-06 18:14:29 -04:00
Miss Islington (bot) 9216dffbc8
bpo-32337: Update documentats about dict order (GH-4973)
(cherry picked from commit dfbbbf16f9)

Co-authored-by: hui shang <shangdahao@gmail.com>
2018-04-03 22:01:46 -07:00
Miss Islington (bot) 346964ba05
bpo-33018: Improve issubclass() error checking and message. (GH-5944)
This improves error message for situations when a non-class is
checked w.r.t. an abstract base class.
(cherry picked from commit 40472dd42d)

Co-authored-by: jab <jab@users.noreply.github.com>
2018-03-22 04:49:26 -07:00
Miss Islington (bot) 6e65e44626 [3.7] bpo-32885: Tools/scripts/pathfix.py: Add -n option for no backup~ (GH-5772) (#6103)
Creating backup files with ~ suffix can be undesirable in some environments,
such as when building RPM packages. Instead of requiring the user to remove
those files manually, option -n was added, that simply disables this feature.

-n was selected because 2to3 has the same option with this behavior.
(cherry picked from commit 5affd5c29e)

Co-authored-by: Miro Hrončok <miro@hroncok.cz>
2018-03-14 18:52:28 +01:00
Miss Islington (bot) 3c39beb65d
bpo-32517: fix test_read_pty_output() hangs on macOS 10.13.2+ (GH-6037)
test_asyncio hangs indefinitely on macOS 10.13.2+ on `read_pty_output()`
using the KqueueSelector. Closing `proto.transport` (as is done in
`write_pty_output()`) seems to fix it.
(cherry picked from commit 12f74d8608)

Co-authored-by: Nathan Henrie <n8henrie@users.noreply.github.com>
2018-03-09 10:14:14 -08:00
Miss Islington (bot) 0902a2d6b2 bpo-32981: Fix catastrophic backtracking vulns (GH-5955)
* Prevent low-grade poplib REDOS (CVE-2018-1060)

The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.

Replace it with a similar non-vulnerable regex.

The new regex is RFC compliant.
The old regex was non-compliant in edge cases.

* Prevent difflib REDOS (CVE-2018-1061)

The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.

Replace it with an equivalent non-vulnerable regex.

Also introduce unit and REDOS tests for difflib.

Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Christian Heimes <christian@python.org>
Co-authored-by: Jamie Davis <davisjam@vt.edu>
(cherry picked from commit 0e6c8ee235)
2018-03-03 21:55:07 -08:00
Miss Islington (bot) 694c5e0e1f
bpo-30028: make test.support.temp_cwd() fork-safe (GH-1066)
Make test.support.temp_cwd() fork-safe. The context manager test.support.temp_cwd() no longer removes the temporary directory when executing in a process other than the parent it entered from.
If a forked child exits the context manager it won't do the cleanup.
(cherry picked from commit 33dddac00b)

Co-authored-by: Anselm Kruis <a.kruis@science-computing.de>
2018-02-22 21:39:02 -08:00
Miss Islington (bot) bc2e110469
closes bpo-32898: Fix debug build crash with COUNT_ALLOCS (GH-5800)
(cherry picked from commit 745dc65b17)

Co-authored-by: Eddie Elizondo <eduardo.elizondorueda@gmail.com>
2018-02-21 21:44:08 -08:00
Miss Islington (bot) 1d927d4feb
bpo-31848: Fix broken error handling in Aifc_read.initfp() when the SSND chunk is not found (GH-5240)
Initialize self._ssnd_chunk so that aifc.Error is raised as intended,
not AttributeError.
(cherry picked from commit 80d20b918b)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-02-20 14:06:58 -08:00
Miss Islington (bot) 2ef69a1d45 bpo-30157: Fix csv.Sniffer.sniff() regex pattern. (GH-5601) (GH-5602)
Co-authored-by: Jake Davis <jcdavis@awedge.net>
(cherry picked from commit 2411292ba8)
2018-02-10 00:00:48 +02:00
Miss Islington (bot) 105fcbfd6a bpo-32585: Add tkinter.ttk.Spinbox. (GH-5221) (GH-5592)
(cherry picked from commit a48e78a0b7)

Co-authored-by: Alan D Moore <me@alandmoore.com>
2018-02-09 13:40:14 +02:00