Use also support.SOCK_MAX_SIZE, not only support.PIPE_MAX_SIZE, to
get the size for a blocking send into a multiprocessing pipe.
Replace also test_support with support.
* bpo-31479: Always reset the signal alarm in tests
Use "try: ... finally: signal.signal(0)" pattern to make sure that
tests don't "leak" a pending fatal signal alarm.
* Move two more alarm() calls into the try block
Fix also typo: replace signal.signal(0) with signal.alarm(0)
* Move another signal.alarm() into the try block
(cherry picked from commit 9abee722d4)
Rename Lib/test/bisect.py to Lib/test/bisect_cmd.py. The old name was
in conflict with Lib/bisect.py, causing test failures, depending how
tests were run.
For example, "python2.7 Lib/test/test_httpservers.py" imported
indirectly Lib/test/bisect.py instead of Lib/bisect.py
on "import bisect".
* Add a space to ensurepip's --altinstall option
* Add periods to the arguments of ensurepip that didn't have it
This makes --help for all optional arguments consistent and also makes it
consistent with pip --help..
(cherry picked from commit e9537ad6a1)
Co-authored-by: Wieland Hoffmann <mineo@users.noreply.github.com>
uuid._ipconfig_getnode did not validate the maximum length of the value,
so long as the value had the same type of formatting as a MAC address.
This let it select DUIDs as MAC addresses. It now requires an exact
length match..
(cherry picked from commit c66c342cb4)
Co-authored-by: CtrlZvi <viz+github@flippedperspective.com>
The robotparser's __str__ representation now includes wildcard
entries.
(cherry picked from commit c3fa1f2b93)
Co-authored-by: Michael Lazar <lazar.michael22@gmail.com>.
`test_urllib2net.OtherNetworkTests.test_sites_no_connection_close`
used `http://www.imdb.com/` but it is moved to https so the test is
not valid anymore. Skip test for the moment to allow CI to proceed.
(cherry picked from commit 36d56ea826)
Co-authored-by: INADA Naoki <methane@users.noreply.github.com>
Allow ttk.Treeview.insert to insert iid that has a false boolean value.
Note iid=0 and iid=False would be same.
(cherry picked from commit 3ab44c0783)
Co-authored-by: Garvit Khatri <garvitdelhi@gmail.com>
The regex to decode a number in fpformat is susceptible to catastrophic backtracking. This is a potential DOS vector if a server is using fpformat on untrusted number strings.
Replace it with an equivalent non-vulnerable regex. The match behavior of the new regex is slightly different. It captures the whole integer part of the number in one group, Leading zeros are stripped off later.
* Prevent low-grade poplib REDOS (CVE-2018-1060)
The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.
Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.
A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.
Replace it with a similar non-vulnerable regex.
The new regex is RFC compliant.
The old regex was non-compliant in edge cases.
* Prevent difflib REDOS (CVE-2018-1061)
The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.
Replace it with an equivalent non-vulnerable regex.
Also introduce unit and REDOS tests for difflib.
Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 0e6c8ee235)
This code never did anything correct or useful. The class attribute will never be affected, and the condition will never be true.
(cherry picked from commit 5fb632e831)
Co-authored-by: Aaron Gallagher <habnabit@users.noreply.github.com>
Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change
TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to
make them pass on Debian.
Signed-off-by: Christian Heimes <christian@python.org>
Make test.support.temp_cwd() fork-safe. The context manager test.support.temp_cwd() no longer removes the temporary directory when executing in a process other than the parent it entered from.
If a forked child exits the context manager it won't do the cleanup..
(cherry picked from commit 33dddac00b)
Co-authored-by: Anselm Kruis <a.kruis@science-computing.de>
Initialize self._ssnd_chunk so that aifc.Error is raised as intended,
not AttributeError.
(cherry picked from commit 80d20b918b)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
_test_multiprocessing.test_queue_feeder_donot_stop_onexc() now uses a
timeout of 1 second on Queue.get(), instead of 0.1 second, for slow
buildbots.
(cherry picked from commit 8f6eeaf21c)
test_subprocess.test_leaking_fds_on_error() failed when the PATH
environment variable contains a path to an existing file. Fix the
test: ignore also ENOTDIR, not only ENOENT and EACCES.
Victor Stinner
T. Wouters
Serhiy Storchaka
Petr Viktorin
Pablo Galindo
Bo Bayles
Andrés Delfino
Cheryl Sabella
Benjamin Peterson
Miss Islington (bot)
Andrés Delfino
scoder
xdegaye
Jamie Davis
bennorth
Christian Heimes
Anselm Kruis
Éric Araujo
Victor Stinner
Gregory P. Smith
Anthony Sottile