| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Correctly pre-check for int-to-str conversion
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
Co-authored-by: Christian Heimes <christian@python.org>
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit d28b34695301ec99a9334ad8d69b6092f4f703d5)
Co-authored-by: Andre Delfino <adelfino@gmail.com>
|
| |
|
| |
(cherry picked from commit 3584d4b64a5373440f78237eac734831cfd83f79)
|
| |
|
|
|
|
|
|
|
|
| |
This lease on this domain has lapsed. This not only makes these dead links, but a potential attack vector for readers of python.org as the domain can be obtained by an untrustworthy party.
I considered redirecting these links to http://mingw-w64.org/ which is a maintained fork of mingw, but beyond my unfamiliarity with the exact level of compatibility, at the time of this PR that site had an expired cert and so is not much of a vulnerability fix.
Automerge-Triggered-By: GH:Mariatta
(cherry picked from commit 743932d50815edbe4ffd530ae091c53ae47dd34b)
Co-authored-by: Jeremy Paige <ucodery@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 1ba08a121a25fcf7c947d8d37e72e46dae59168c)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| | |
|
| |
|
|
|
| |
(cherry picked from commit ff1ae3dd334faa2006394c2318db385cdc42030a)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit ebc8c3828779374b9be4fae5c8ffc0059d36ac8c)
Co-authored-by: Saiyang Gou <gousaiyang@163.com>
|
| |
|
|
|
| |
(cherry picked from commit c8966667bbdb284c3780ef6cec8a3870935a6bb7)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit ef16958d17e83723334a51428f410f726d6492a7)
Co-authored-by: Miro Hrončok <miro@hroncok.cz>
|
| |
|
|
|
| |
(cherry picked from commit 7864f11cdf12807555d62c7a132c191eb41ecc02)
Co-authored-by: Andre Delfino <adelfino@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 45217af29c7f380089af17beb48a5ea0560bbb9d)
Co-authored-by: Derek Keeler <d3r3kk@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
Fix typo in cmdline.rst
Add space between the `-m` option and the module name (`timeit`).
(cherry picked from commit c580981ba01c4d9f721dbdd88208ba37704e0217)
Co-authored-by: Julin S <48789920+ju-sh@users.noreply.github.com>
|
| |
|
|
|
|
| |
Co-Authored-By: Kyle Stanley <aeros167@gmail.com>
(cherry picked from commit 148610d88a2785751ed435a4e60f07a9f1bc50a6)
Co-authored-by: Inada Naoki <songofacandy@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 0fe0b88d6eb597c9a929e14ad47a5a9bd99bfe53)
Co-authored-by: Jules Lasne (jlasne) <jules.lasne@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 4d202281c128e2026e78fc5f4cc752b1dafbf3ad)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
|
|
| |
Attempt to make isolated mode easier to discover via additional inline documentation.
Co-Authored-By: Julien Palard <julien@palard.fr>
(cherry picked from commit bdd6945d4dbd1fe6a7fcff95f7d6908db7d791a1)
Co-authored-by: Xtreak <tir.karthi@gmail.com>
|
| |
|
|
|
|
|
| |
(GH-15269)
(cherry picked from commit e9c90aa43144b0be1e4e393e8cb549573437a5da)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit cf9360e524acafdce99a8a1e48947fd7da06f3d4)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
| |
(cherry picked from commit 91e49575095ca16d1b67dd8822deeb7885e421da)
Co-authored-by: Derek Keeler <d3r3kk@users.noreply.github.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
Move the Editors and IDE section out of the Unix section, to its own section.
https://bugs.python.org/issue37610
(cherry picked from commit 8f040b7a9f442e7c2605ef1cad9c6b5eb7dd7af7)
Co-authored-by: aldwinaldwin <aldwinaldwin@users.noreply.github.com>
|
| |
|
|
|
| |
(cherry picked from commit e226e83d36dfc7220d836fb7a249ce18e70cb4a6)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
| |
Add a versionadded for PS Core and note that `.venv` is a common virtual environment name.
(cherry picked from commit f9f8e3ce709ceb15c8db8c8dde940daf1febf13d)
Co-authored-by: Brett Cannon <54418+brettcannon@users.noreply.github.com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
highlightlang is deprecated since April 2018 in Sphinx.
See https://github.com/sphinx-doc/sphinx/pull/4845
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release build and debug build are now ABI compatible: the Py_DEBUG
define no longer implies Py_TRACE_REFS define which introduces the
only ABI incompatibility.
A new "./configure --with-trace-refs" build option is now required to
get Py_TRACE_REFS define which adds sys.getobjects() function and
PYTHONDUMPREFS environment variable.
Changes:
* Add ./configure --with-trace-refs
* Py_DEBUG no longer implies Py_TRACE_REFS
|
| |
|
|
|
| |
(GH-7849)
Since bpo-30291 it is possible to specify the architecture of Python when using the launcher
|
| |
|
|
|
| |
In development mode (-X dev) and in debug build, the io.IOBase
destructor now logs close() exceptions. These exceptions are silent
by default in release mode.
|
| |
|
| |
Document usage of the existing `--prompt` option in the command line help.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
(GH-11144)
…copy of python binary
https://bugs.python.org/issue35450
|
| |
|
| |
Also adds the PC/layout script for generating layouts on Windows.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Replace "Availability: xxx" with ".. availability:: xxx" in the doc.
Original patch by Georg Brandl.
Co-Authored-By: Georg Brandl <georg@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-9430)
* Revert "bpo-34589: Add -X coerce_c_locale command line option (GH-9378)"
This reverts commit dbdee0073cf0b88fe541980ace1f650900f455cc.
* Revert "bpo-34589: C locale coercion off by default (GH-9073)"
This reverts commit 7a0791b6992d420dc52536257f2f093851ed7215.
* Revert "bpo-34589: Make _PyCoreConfig.coerce_c_locale private (GH-9371)"
This reverts commit 188ebfa475a6f6aa2d0ea14ca8e1fbe7865b6d27.
|
| |
|
|
| |
Add a new -X coerce_c_locale command line option to control C locale
coercion (PEP 538).
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Using OptiPNG 0.7.7.
Used command is: `find . -name '*.png' | xargs optipng -o7`
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-6834)
In some development setups it is inconvenient or impossible to write bytecode
caches to the code tree, but the bytecode caches are still useful. The
PYTHONPYCACHEPREFIX environment variable allows specifying an alternate
location for cached bytecode files, within which a directory tree mirroring the code
tree will be created. This cache tree is then used (for both reading and writing)
instead of the local `__pycache__` subdirectory within each source directory.
Exposed at runtime as sys.pycache_prefix (defaulting to None), and can
be set from the CLI as "-X pycache_prefix=path".
Patch by Carl Meyer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While locale coercion and UTF-8 mode turned out to
be complementary ideas rather than competing ones,
it isn't immediately obvious why it's useful to
have both, or how they interact at runtime.
This updates both the Python 3.7 What's New doc
and the PYTHONCOERCECLOCALE and PYTHONUTF8
documentation in an attempt to clarify that
relationship:
- in the respective What's New sections, add a closing paragraph
explaining which problem each one solves, and pointing to the
other PEP's section for the specific aspects it relies on the other
PEP to solve
- use "locale-aware mode" as a more descriptive term for the
default non-UTF-8 mode
- improve wording conistenccy between the PYTHONCOERCECLOCALE
and PYTHONUTF8 docs when they cover the same thing (mostly
related to legacy locale detection and setting the standard
stream error handler)
- improve the description of the locale coercion trigger conditions
(including pointing out that setting LC_ALL turns off locale coercion)
- port the full description of the UTF-8 mode behaviour changes
from PEP 540 into the PYTHONUTF8 documentation
- be explicit that PYTHONIOENCODING still overrides the settings
for the standard streams
- mention concrete examples of things that do and don't get their
text encoding assumptions adjusted by the two text encoding
assumption override techniques
|
