| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
| |
(GH-96724)
Co-authored-by: Thomas Grainger <tagrain@gmail.com>
Co-authored-by: Guido van Rossum <gvanrossum@gmail.com>
(cherry picked from commit 6281affee6423296893b509cd78dc563ca58b196)
Co-authored-by: Hendrik Makait <hendrik.makait@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 50a70a083d34305a52fac4f5901bff2ead152d68)
Co-authored-by: Mark Shannon <mark@hotpy.org>
|
| |
|
|
|
| |
(cherry picked from commit 88a7f661ca02c0eb76b8f19234b8293b70f171e2)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
test. (GH-96717)
A regression would still absolutely fail and even a flaky pass isn't
harmful as it'd fail most of the time across our N system test runs.
Windows has a low resolution timer and CI systems are prone to odd
timing so this just gives more leeway to avoid flakiness.
(cherry picked from commit 11e3548fd1d3445ccde971d613633b58d73c3016)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
|
| |
|
|
|
| |
Co-authored-by: Brandt Bucher <brandtbucher@gmail.com>
(cherry picked from commit aa3b4cf779b3dddb84e094879b91703354910d8c)
|
| | |
|
| |
|
|
|
|
|
| |
(GH-96353)
(cherry picked from commit b9634ac776c24bc4d4a57859d884a94cdfe16043)
Co-authored-by: philg314 <110174000+philg314@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
(cherry picked from commit 3adb4d864bb18a51334c922a732e5e3602799ba1)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
|
|
| |
(GH-95937)
(cherry picked from commit 1402d2ceca8ccef8c3538906b3f547365891d391)
Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
|
| |
|
|
|
|
| |
(GH-25619) (#96556)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
|
| |
|
| |
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix the faulthandler implementation of faulthandler.register(signal,
chain=True) if the sigaction() function is not available: don't call
the previous signal handler if it's NULL.
(cherry picked from commit c580a81af91af4b9df85e466f8b48c3c9c86c3df)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| | |
|
| |
|
|
|
|
|
|
| |
This makes tokenizer.c:valid_utf8 match stringlib/codecs.h:decode_utf8.
It also fixes an off-by-one error introduced in 3.10 for the line number when the tokenizer reports bad UTF8.
(cherry picked from commit 8bc356a7dd50cbdb46d10b8c7e457832431f5d9e)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 4114bcc9ef7595a07196bcecf9c7d6d39f57f64d)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
There were two specific areas not covered:
- %(name) syntax
- %*s syntax
Automerge-Triggered-By: GH:iritkatriel
(cherry picked from commit dde15f5879c3576db42ee4366fb684747c31459f)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 2fd7246e97c8cc09b4e3f22933693f9d68f08163)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
| |
|
|
|
| |
(cherry picked from commit 05692c67c51b78a5a5a7bb61d646519025e38015)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 67444902a0f10419a557d0a2d3b8675c31b075a9)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
(#96617)
(cherry picked from commit 95e271b2266b8f2e7b60ede86ccf3ede4a7f83eb)
Co-authored-by: Mark Shannon <mark@hotpy.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(GH-96593)
This doesn't happen naturally, but is allowed by the ASDL and compiler.
We don't want to change ASDL for backward compatibility reasons
(GH-57645, GH-92987)
(cherry picked from commit 200c9a8da0e2b892c476807e986009c01327e781)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
and adds What's New section (GH-96595)
(cherry picked from commit 80a9bd2e94b1759a7669fa811ed3526eb137c92d)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
|
|
| |
This Monty Python reference is of-its-time. It could seem inappropriate in the context of today's sensibilities around mental health.
Automerge-Triggered-By: GH:iritkatriel
(cherry picked from commit c4999f261fb0cb28ef713b48ef2e81ca5a3eb1e1)
Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
|
| |
|
|
|
| |
(cherry picked from commit 991b3712a11a705efc6e45d22643bb2ccfb3eca5)
Co-authored-by: Ned Deily <nad@python.org>
|
| |
|
|
| |
(GH-96574) (GH-96575)
|
| |
|
|
|
| |
(cherry picked from commit 9e5568578234f0ecd003247c8a2deaeb69976b4b)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit b126196838bbaf5f4d35120e0e6bcde435b0b480)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
|
| |
|
|
|
|
| |
accross -> across
(cherry picked from commit 6adb89f50a0b032e0264cb3cd400a71c0fe6e0f8)
Co-authored-by: Ikko Ashimine <eltociear@gmail.com>
|
| |
|
|
|
|
| |
Per mdickinson@'s comment on the main branch PR.
(cherry picked from commit 69bb83c2bf254f92491d527ccec1ff41897add56)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
|
| |
|
|
|
| |
(cherry picked from commit af6359dd5c5e20adec12501aaa6074716c316e41)
Co-authored-by: Mehrdad Moradizadeh <mhrddmoradii@gmail.com>
|
| |
|
|
| |
(GH-96532)
|
| |
|
|
| |
record… (GH-96527) (GH-96528)
|
| |
|
|
|
|
|
| |
(cherry picked from commit 837ce6460d6554e9d7a847951ca5108ac6926ee5)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
|
| |
|
|
|
|
|
|
| |
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
Co-authored-by: Martin Panter <vadmium@users.noreply.github.com>
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
(cherry picked from commit ccce9b77e1f599e05425eadc0cc372d142fe05e0)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
|
| |
|
|
|
|
|
|
| |
Also rearrange some items in the list.
Co-authored-by: Thomas Grainger <tagrain@gmail.com>
(cherry picked from commit 2a9e4e4d73683d9c10b6811da81075f1f51c13a2)
Co-authored-by: siph <42943030+siphc@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
(cherry picked from commit 91f40f3f78d6016a283989e32ec3d1fb61bcebca)
Co-authored-by: Erlend E. Aasland <erlend.aasland@innova.no>
|
| |
|
|
|
|
|
| |
bytecode (GH-96456)
(cherry picked from commit a91f25577c71ab8797a4b42f22c43bbaffc2604d)
Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
|
| |
|
|
|
| |
(cherry picked from commit f7e7bf161aaec5a5cffdcec7c97e1f09e445421b)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 7b01ce7953c0e24aa7aeaf207216fc9e7aefd18a)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
|
| |
|
|
|
|
|
| |
The builtin `property` is not a callable, so was failing the check in
`_test_simple_enum` causing a match failure; this adds `property` to the
bypass list.
Co-authored-by: Alexandru Mărășteanu <alexei@users.noreply.github.com>
|
| |
|
|
|
|
| |
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
(cherry picked from commit 07f12b5c1567581aa77d523e462b0e7f75c1f05c)
Co-authored-by: Adrian Garcia Badaracco <1755071+adriangb@users.noreply.github.com>
|
| |
|
|
|
| |
(cherry picked from commit b17aae8bbd13bec28b7ecbb5a147503f2e9cf365)
Co-authored-by: partev <petrosyan@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 860fa351452de1502da12ec6f027d3f72dfc309f)
Co-authored-by: Tim Burke <tim.burke@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
(#96395)
(cherry picked from commit e5b2453e61ba5376831093236d598ef5f9f1de61)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
| |
(GH-96323) (#96344)
(cherry picked from commit e860e521ec0d84e175269aeb15cf24bd6053ad17)
Co-authored-by: Kirill <iam@python273.pw>
Co-authored-by: Kirill <iam@python273.pw>
|
| |
|
|
|
|
|
| |
(cherry picked from commit 75177358a62afeabd1d3aa0e9f395c2b9d4495ca)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
| |
|
|
| |
(GH-96380) (GH-96401)
|
| |
|
|
|
|
| |
It is now deprecated and the docs should reflect that.
(cherry picked from commit 9625de6fab4597bcd04ec390b680b053b0533816)
Co-authored-by: da-woods <dw-git@d-woods.co.uk>
|
