| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Correctly pre-check for int-to-str conversion
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
Co-authored-by: Christian Heimes <christian@python.org>
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 6c3e66a34b95fff07df0ad5086104dd637a091ce)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
syntax errors (GH-14612)
https://bugs.python.org/issue37500
Add a new field to the compiler structure that allows to be configured
so no bytecode is emitted. In this way is possible to detect errors by
walking the nodes while preserving optimizations.
https://bugs.python.org/issue37500
(cherry picked from commit 18c5f9d44dde37c0fae5585a604c6027825252d2)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
|
| |
|
| |
This reverts commit 1005c84535191a72ebb7587d8c5636a065b7ed79.
|
| |
|
|
|
| |
Partically revert commit c2e1607a51d7a17f143b5a34e8cff7c6fc58a091 to
fix a reference leak.
|
| |
|
|
|
|
|
| |
There are some same consts in a module. This commit merges them into
single instance. It reduces number of objects in memory after loading modules.
https://bugs.python.org/issue34100
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix an off by one error in the peephole optimizer when checking for unreachable code beyond a return.
Do a bounds check within find_op so it can return before going past the end as a safety measure.
https://github.com/python/cpython/commit/7db3c488335168993689ddae5914a28e16188447#diff-a33329ae6ae0bb295d742f0caf93c137
introduced this off by one error while fixing another one nearby.
This bug was shipped in all Python 3.6 and 3.7 releases.
The included unittest won't fail unless you do a clang msan build.
|
| |
|
|
|
|
|
|
|
|
| |
(GH-10284)
Two kind of mistakes:
1. Missed space. After concatenating there is no space between words.
2. Missed comma. Causes unintentional concatenating in a list of strings.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
This fixes also bpo-22091.
|
| |\
| |
| |
| | |
Warnings could be emitted at compile time.
|
| | |\
| | |
| | |
| | | |
Warnings could be emitted at compile time.
|
| | | |
| | |
| | |
| | | |
Warnings could be emitted at compile time.
|
| |/ /
| |
| |
| | |
collections.namedtuple() now supports tuples with more than 255 elements.
|
| | | |
|
| |/
|
|
| |
as path in compile() and similar functions is now deprecated.
|
| |
|
|
| |
an iterable of integers. Now only strings and byte-like objects are accepted.
|
| |
|
|
|
|
|
|
|
| |
Issue #25843: When compiling code, don't merge constants if they are equal but
have a different types. For example, "f1, f2 = lambda: 1, lambda: 1.0" is now
correctly compiled to two different functions: f1() returns 1 (int) and f2()
returns 1.0 (int), even if 1 and 1.0 are equal.
Add a new _PyCode_ConstantKey() private function.
|
| |\
| |
| |
| | |
with a null byte.
|
| | |
| |
| |
| | |
with a null byte.
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This avoids possible buffer overreads when int(), float(), compile(), exec()
and eval() are passed bytes-like objects. Similar code is removed from the
complex() constructor, where it was not reachable.
Patch by John Leitch, Serhiy Storchaka and Martin Panter.
|
| | | |
|
| | |
| |
| |
| | |
Patch partially by Steve Dougherty.
|
| | | |
|
| |\ \
| |/ |
|
| | | |
|
| |/
|
|
|
|
| |
The concept of .pyo files no longer exists. Now .pyc files have an
optional `opt-` tag which specifies if any extra optimizations beyond
the peepholer were applied.
|
| | |
|
| |
|
|
|
|
|
| |
opcodes in the compiler.
This also fixes a quadratic compilation time issue noticeable when compiling
code with a large number of "and" and "or" operators.
|
| |
|
|
| |
error messages and comments.
|
| |
|
|
|
|
|
| |
Previously, excessive nesting in expressions would blow the
stack and segfault the interpreter. Now, a hard limit based
on the configured recursion limit and a hardcoded scaling
factor is applied.
|
| | |
|
| | |
|
| |
|
|
| |
interactive statement
|
| |
|
|
|
|
| |
unmarshalling (#12190)
This should reduce memory usage.
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
svn+ssh://svn.python.org/python/branches/py3k
........
r73715 | benjamin.peterson | 2009-07-01 01:06:06 +0200 (Mi, 01 Jul 2009) | 1 line
convert old fail* assertions to assert*
........
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r79034 | benjamin.peterson | 2010-03-17 15:41:42 -0500 (Wed, 17 Mar 2010) | 1 line
prevent lambda functions from having docstrings #8164
........
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r77727 | ezio.melotti | 2010-01-24 18:58:36 +0200 (Sun, 24 Jan 2010) | 1 line
use assert[Not]IsInstance where appropriate
........
|
| | | |
|
| | |
| |
| |
| | |
A patch from Dave Malcolm.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r76230 | benjamin.peterson | 2009-11-12 17:39:44 -0600 (Thu, 12 Nov 2009) | 2 lines
fix several compile() issues by translating newlines in the tokenizer
........
|
| | | |
|
