| Commit message | Author | Age | Files | Lines |
|
(GH-… (GH-96576)
|
(cherry picked from commit 9e5568578234f0ecd003247c8a2deaeb69976b4b)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
(#96563)
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
* Issue: gh-95778
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit b126196838bbaf5f4d35120e0e6bcde435b0b480)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
|
(GH-96557)
* gh-68163: Correct conversion of Rational instances to float
Also document that numerator/denominator properties are instances of Integral.
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
(cherry picked from commit 8464b754c4168586b99e2135ccd2567e025625a9)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
|
Per mdickinson@'s comment on the main branch PR.
(cherry picked from commit 69bb83c2bf254f92491d527ccec1ff41897add56)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
|
(cherry picked from commit af6359dd5c5e20adec12501aaa6074716c316e41)
Co-authored-by: Mehrdad Moradizadeh <mhrddmoradii@gmail.com>
|
(GH-96533)
|
record… (GH-96527) (GH-96529)
|
(cherry picked from commit 837ce6460d6554e9d7a847951ca5108ac6926ee5)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
|
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
Co-authored-by: Martin Panter <vadmium@users.noreply.github.com>
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
(cherry picked from commit ccce9b77e1f599e05425eadc0cc372d142fe05e0)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>
|
Integer to and from text conversions via CPython's bignum `int` type are not safe against denial of service attacks due to malicious input. Very large input strings with hundreds of thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
* Issue: gh-95778
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
|
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
(cherry picked from commit 91f40f3f78d6016a283989e32ec3d1fb61bcebca)
Co-authored-by: Erlend E. Aasland <erlend.aasland@innova.no>
|
* [3.10] gh-96414: Inline code examples in sqlite3 docs (GH-96442).
(cherry picked from commit f7e7bf161aaec5a5cffdcec7c97e1f09e445421b)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
(cherry picked from commit 7b01ce7953c0e24aa7aeaf207216fc9e7aefd18a)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
(cherry picked from commit 860fa351452de1502da12ec6f027d3f72dfc309f)
Co-authored-by: Tim Burke <tim.burke@gmail.com>
|
(GH-96380) (GH-96400)
|
It is now deprecated and the docs should reflect that.
(cherry picked from commit 9625de6fab4597bcd04ec390b680b053b0533816)
Co-authored-by: da-woods <dw-git@d-woods.co.uk>
|
(cherry picked from commit 6d403e264a7dcd1544a91708f139c6dd8612204d)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
If kernel FIPS is enabled, we get a permission error upon doing
`import crypt`. So, if kernel FIPS is enabled, disable the
unallowed hashing methods.
```
Python 3.9.1 (default, May 10 2022, 11:36:26)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.9/crypt.py", line 117, in <module>
    _add_method('MD5', '1', 8, 34)
  File "/usr/lib/python3.9/crypt.py", line 94, in _add_method
    result = crypt('', salt)
  File "/usr/lib/python3.9/crypt.py", line 82, in crypt
    return _crypt.crypt(word, salt)
PermissionError: [Errno 1] Operation not permitted
```
Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
(cherry picked from commit 2fa03b1b0708d5d74630c351ec9abd2aac7550da)
Co-authored-by: Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com>
|
Co-authored-by: Christian Heimes <christian@python.org>
|
As a consequence of the added test, this commit also includes
fixes for broken examples.
- Add separate namespace for trace tests bco. module level callback
- Move more backup and cursor examples under separate namespaces.
(cherry picked from commit bf9259776dff5348bc854983409ea68618c1f174)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
(cherry picked from commit 3d3a86ed40626471b2c9e7f1336b228eb0dd0879)
Co-authored-by: Jonathan Oberländer <github@l3vi.de>
|
(gh-96376)
|
(cherry picked from commit 1c01bd28a0ec7e46e570a07d970c590b1809f8f1)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
* gh-95994: clarify escaped newlines.
* Rephrase ambiguous sentence.
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
* Use `<newline>` in escape sequences table.
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>.
(cherry picked from commit c3d591fd0699605c8253beda2372114052a7bdba)
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
|
(GH-96135) (GH-96235)
Tests for IsolatedAsyncioTestCase.debug() rely on the runner being closed
in __del__. This makes tests that depend on the GC unreliable on other
implementations. It is better to tear down the loop explicitly even if
there is currently no public API for this.
(cherry picked from commit 4de06e3cc0a58d73934f9a2759ad9cd2f6b031b0)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
(GH-96340) (GH-96342)
|
(GH-96322) (GH-96338)
|
(GH-96325)
|
(cherry picked from commit 0ace820bec8892d621a4aadc1feb6c56e25560bf)
Co-authored-by: Ansab Gillani <56605828+ansabgillani@users.noreply.github.com>
|
fixes gh-96296
(cherry picked from commit e53444051018af3351cc26c4bf1ed2d380292016)
Co-authored-by: Daniel Giger <danielg3432@gmail.com>
|
(cherry picked from commit 0319cd6825f3c247a875c91493a38992fb33a5b3)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
|
(cherry picked from commit 47d406ffc4946b023e38322c5235bec25f068481)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
|
Windows build scripts. (GH-31803)
Co-authored-by: conioh <10606081+conioh@users.noreply.github.com>
|
Fixes:
https://github.com/python/cpython/issues/95300
Related:
https://github.com/python/cpython/issues/91271
(cherry picked from commit caa2a9799a47294441e4206037620322eea9ed06)
Co-authored-by: ov2k <ov2k.github@gmail.com>
|
(GH-94803) (GH-96261)
|
find_unused_port() has an inherent race condition, but we can't use
bind_port() as that uses .getsockname() which this test is exercising.
Try binding to unused ports a few times before failing.
Signed-off-by: Ross Burton <ross.burton@arm.com>
(cherry picked from commit df110126971d0271a977ce10779083b3e335b4da)
Co-authored-by: Ross Burton <ross.burton@arm.com>
|
The `movies[bisect(movies, 1960, key=by_year)]` will actually return only movies **after** 1960.
(cherry picked from commit 4317b25a2323ae4be04574e45de0e335c571c463)
Co-authored-by: prego <pedropregueiro@gmail.com>
|
(gh-96231)
(cherry picked from commit 09563a764ebc54f98087c128419f46cf0822b4b7)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
|
adapters to reference (GH-96136) (#96227)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>.
(cherry picked from commit 6bda5b85b53443f3467865fbf85cbe72932e7cd6)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
|
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
(GH-96176)
X-Ref: https://github.com/python/typeshed/pull/8590GH-discussion_r951473977
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
(cherry picked from commit 58f6953d6d3fe20d972bfa2f6e982206adcf1353)
Co-authored-by: Kevin Kirsche <Kev.Kirsche+GitHub@gmail.com>
|
indexes (GH-96188). (#96210)
(cherry picked from commit 16ebae4cd4029205d932751f26c719c6cb8a6e92)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
(GH-95207)
|
logging.TimedRotat… (GH-96182) (GH-96195)
Co-authored-by: Duncan Grisby <duncan-github@grisby.org>
|
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
(cherry picked from commit d6259c58cbb48b8f3fbd70047f004ea19fe91e86)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
|
(cherry picked from commit 04c73e5efbfea8ae9da5bd518cee96086017ef4f)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
(cherry picked from commit 18b1782192f85bd26db89f5bc850f8bee4247c1a)
Co-authored-by: Erlend E. Aasland <erlend.aasland@innova.no>
|