This exception was caused because the input ended unexpectedly with only one
single quote instead of a pair with some value inside it.
(cherry picked from commit 719a062bcb)
Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
* bpo-37461: Fix infinite loop in parsing of specially crafted email headers.
Some crafted email header would cause the get_parameter method to run in an
infinite loop causing a DoS attack surface when parsing those headers. This
patch fixes that by making sure the DQUOTE character is handled to prevent
going into an infinite loop.
(cherry picked from commit a4a994bd3e)
Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if:
1. The value being folded contains a single word (no spaces) longer than
max_line_length
2. The max_line_length is shorter than the encoding's name + 9
characters.
bpo-36564: https://bugs.python.org/issue36564
(cherry picked from commit f69d5c6198)
Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
The `allow_abbrev` option for ArgumentParser is documented and intended to disable support for unique prefixes of --options, which may sometimes be ambiguous due to deferred parsing.
However, the initial implementation also broke parsing of grouped short flags, such as `-ab` meaning `-a -b` (or `-a=b`). Checking the argument for a leading `--` before rejecting it fixes this.
This was prompted by pytest-dev/pytestGH-5469, so a backport to at least 3.8 would be great 😄
And this is my first PR to CPython, so please let me know if I've missed anything!
https://bugs.python.org/issue26967
(cherry picked from commit dffca9e925)
Co-authored-by: Zac Hatfield-Dodds <Zac-HD@users.noreply.github.com>
Returns NotImplemented for timedelta and time in __eq__ for different types in Python implementation, which matches the C implementation.
This also adds tests to enforce that these objects will fall back to the right hand side's __eq__ and/or __ne__ implementation.
bpo-37579
(cherry picked from commit e6b46aafad)
Co-authored-by: Xtreak <tir.karthi@gmail.com>
With the addition of shared memory into Python 3.8, we now have three tests failing on Solaris, namely `test_multiprocessing_fork`, `test_multiprocessing_forkserver` and `test_multiprocessing_spawn`. The reason seems to be incorrect name handling which results in two slashes being prepended.
https://bugs.python.org/issue37558
(cherry picked from commit 4737265622)
Co-authored-by: Jakub Kulík <Kulikjak@gmail.com>
test_ssl.test_pha_required_nocert() now uses
support.catch_threading_exception() to ignore the expected SSLError
in ConnectionHandler of ThreadedEchoServer (it is only raised
sometimes on Windows).
(cherry picked from commit 73ea54620a)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Nested BinOp instances (e.g. a+b+c) had a wrong col_offset for the
second BinOp (e.g. 2 instead of 0 in the example). Fix it by using the
correct st node to copy the line and col_offset from in ast.c.
(cherry picked from commit 110a47c4f4)
Co-authored-by: Carl Friedrich Bolz-Tereick <cfbolz@gmx.de>
test_concurrent_futures now explicitly stops the ForkServer instance
if it's running.
(cherry picked from commit e676244235)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* bpo-37520: Correct behavior for zipfile.Path.parent
* 📜🤖 Added by blurb_it.
(cherry picked from commit 38f44b4a4a)
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
multiprocessing tests now stop the ForkServer instance if it's
running: close the "alive" file descriptor to ask the server to stop
and then remove its UNIX address.
(cherry picked from commit 8fbeb14312)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
test_concurrent_futures now cleans up multiprocessing to remove
immediately temporary directories created by
multiprocessing.util.get_temp_dir().
The test now uses setUpModule() and tearDownModule().
(cherry picked from commit 684cb47fff)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
test_winconsoleio doesn't leak a temporary file anymore: use
tempfile.TemporaryFile() to remove it when the test completes.
(cherry picked from commit b71d8d6795)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
ssl.match_hostname() no longer accepts IPv4 addresses with additional text
after the address and only quad-dotted notation without trailing
whitespaces. Some inet_aton() implementations ignore whitespace and all data
after whitespace, e.g. '127.0.0.1 whatever'.
Short notations like '127.1' for '127.0.0.1' were already filtered out.
The bug was initially found by Dominik Czarnota and reported by Paul Kehrer.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue37463
(cherry picked from commit 477b1b2576)
Co-authored-by: Christian Heimes <christian@python.org>
multiprocessing tests now call explicitly _run_finalizers() to remove
immediately temporary directories created by
multiprocessing.util.get_temp_dir().
(cherry picked from commit 039fb49c18)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Python initialization now ensures that sys stream encoding
names are always normalized by codecs.lookup(encoding).name.
Simplify test_c_locale_coercion: it doesn't have to normalize
encoding names anymore.
(cherry picked from commit 61bf97e916)
Co-authored-by: Jakub Kulík <Kulikjak@gmail.com>
Under some conditions the earlier fix for bpo-18075, "Infinite recursion
tests triggering a segfault on Mac OS X", now causes failures on macOS
when attempting to change stack limit with resource.setrlimit
resource.RLIMIT_STACK, like regrtest does when running the test suite.
The reverted change had specified a non-default stack size when linking
the python executable on macOS. As of macOS 10.14.4, the previous
code causes a hard failure when running tests, although similar
failures had been seen under some conditions under some earlier
systems. Reverting the change to the interpreter stack size at link
time helped for release builds but caused some tests to fail when
built --with-pydebug. Try the opposite approach: continue to build
the interpreter with an increased stack size on macOS and remove
the failing setrlimit call in regrtest initialization. This will
definitely avoid the resource.RLIMIT_STACK error and should have
no, or fewer, side effects.
(cherry picked from commit 5bbbc733e6)
Co-authored-by: Ned Deily <nad@python.org>
Stop using "static PyConfig", PyConfig must now always use
dynamically allocated strings: use PyConfig_SetString(),
PyConfig_SetArgv() and PyConfig_Clear().
(cherry picked from commit 67310023f2)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Fix sys.excepthook() and PyErr_Display() if a filename is a bytes
string. For example, for a SyntaxError exception where the filename
attribute is a bytes string.
Cleanup also test_sys:
* Sort imports.
* Rename numruns global var to INTERN_NUMRUNS.
* Add DisplayHookTest and ExceptHookTest test case classes.
* Don't save/restore sys.stdout and sys.displayhook using
setUp()/tearDown(): do it in each test method.
* Test error case (call hook with no argument) after the success case.
(cherry picked from commit f9b7457bd7)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
SSLContext.post_handshake_auth = True no longer sets
SSL_VERIFY_POST_HANDSHAKE verify flag for client connections. Although the
option is documented as ignored for clients, OpenSSL implicitly enables cert
chain validation when the flag is set.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue37428
(cherry picked from commit f0f5930ac8)
sys._base_executable is now always defined on all platforms, and can be overridden through configuration.
Also adds test.support.PythonSymlink to encapsulate platform-specific logic for symlinking sys.executable
* Fix typo in supports_file2file_sendfile(); ensure that dst is
removed
* Fix test_copytree_custom_copy_function(): remove dst tree.
Use support.rmtree() rather than shutil.rmtree() to remove
temporary directories: support tries harder.
(cherry picked from commit 4c26abd14f)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* patched string index out of range error in get_word function of _header_value_parser.py and created tests in test__header_value_parser.py for CFWS.
* Raise HeaderParseError instead of continuing when parsing a word.
(cherry picked from commit 7213df7bbf)
Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
Fix test_wsgiref.testEnviron() to no longer depend on the environment
variables (don't fail if "X" variable is set).
testEnviron() now overrides os.environ to get a deterministic
environment. Test full TestHandler.environ content: not only a few
selected variables.
(cherry picked from commit 5150d32792)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
The os.getcwdb() function now uses the UTF-8 encoding on Windows,
rather than the ANSI code page: see PEP 529 for the rationale. The
function is no longer deprecated on Windows.
os.getcwd() and os.getcwdb() now detect integer overflow on memory
allocations. On Unix, these functions properly report MemoryError on
memory allocation failure.
(cherry picked from commit 689830ee62)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Increase robustness of test_resource_tracker(): retry for 60 seconds.
(cherry picked from commit e1a63c4f21)
Co-authored-by: Pierre Glaser <pierreglaser@msn.com>
When certain malformed messages have content-type set to 'mulitpart/*' but
still have a single part body, iter_attachments can raise AttributeError. This
patch fixes it by returning a None value instead when the body is single part.
(cherry picked from commit 02257012f6)
Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
https://bugs.python.org/issue33972
Use os.getgroups() rather than grp.getgrall() to get groups.
Rename also the test to test_chown_gid().
(cherry picked from commit d7c87d982d)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* The UTF-8 incremental decoders fails now fast if encounter
a sequence that can't be handled by the error handler.
* The UTF-16 incremental decoders with the surrogatepass error
handler decodes now a lone low surrogate with final=False.
(cherry picked from commit 894263ba80)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
eval() was being called an extra time without a filter for
deprecation warnings.
(cherry picked from commit 9fe42b49c7)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
Miss Islington (bot)
Victor Stinner
Christian Heimes
Steve Dower
Abhilash Raj
Jeroen Demeyer