summaryrefslogtreecommitdiffstats
path: root/Lib/test/test_decimal.py
Commit message (Collapse)AuthorAgeFilesLines
* [3.8] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96503)Gregory P. Smith2022-09-051-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Correctly pre-check for int-to-str conversion Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =) The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact. The justification for the current check. The C code check is: ```c max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10 ``` In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is: $$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$ From this it follows that $$\frac{M}{3L} < \frac{s-1}{10}$$ hence that $$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$ So $$2^{L(s-1)} > 10^M.$$ But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check. <!-- gh-issue-number: gh-95778 --> * Issue: gh-95778 <!-- /gh-issue-number --> Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org> Co-authored-by: Christian Heimes <christian@python.org> Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
* [3.8] Revert bpo-39576: Prevent memory error for overly optimistic ↵Stefan Krah2020-06-081-35/+0
| | | | | precisions (GH-20747) This reverts commit b6271025c640c228505dc9f194362a0c2ab81c61.
* bpo-39576: Prevent memory error for overly optimistic precisions (GH-18581) ↵Miss Islington (bot)2020-02-211-0/+35
| | | | | | | (#18584) (cherry picked from commit 90930e65455f60216f09d175586139242dbba260) Authored-by: Stefan Krah <skrah@bytereef.org>
* bpo-35133: Fix mistakes when concatenate string literals on different lines. ↵Serhiy Storchaka2018-11-051-2/+2
| | | | | | | | | | (GH-10284) Two kind of mistakes: 1. Missed space. After concatenating there is no space between words. 2. Missed comma. Causes unintentional concatenating in a list of strings.
* bpo-33750: Reset thread-local context precision in test_round(). (#7355)Stefan Krah2018-06-031-11/+11
|
* bpo-31234: Join threads in tests (#3572)Victor Stinner2017-09-141-0/+3
| | | | Call thread.join() on threads to prevent the "dangling threads" warning.
* bpo-31370: Remove support for threads-less builds (#3385)Antoine Pitrou2017-09-071-6/+3
| | | | | | * Remove Setup.config * Always define WITH_THREAD for compatibility.
* bpo-29919: Remove unused imports found by pyflakes (#137)Victor Stinner2017-03-271-2/+1
| | | Make also minor PEP8 coding style fixes on modified imports.
* Fixed #29534 - _decimal difference with _pydecimal (#65)Andrew Nester2017-02-141-0/+10
|
* Remove unused imports.Serhiy Storchaka2016-12-161-2/+0
|
* Issue #26331: Implement the parsing part of PEP 515.Brett Cannon2016-09-091-0/+10
| | | | Thanks to Georg Brandl for the patch.
* Merge 3.5.Stefan Krah2016-07-171-0/+28
|\
| * Issue #26974: Fix segfault in the presence of absurd subclassing. ProactivelyStefan Krah2016-07-171-0/+28
| | | | | | | | eliminate all internal uses of overridden methods.
* | Merge 3.5.Stefan Krah2016-06-201-1/+4
|\ \ | |/
| * Issue #27006: from_float(): call the subclass' __new__() and __init__().Stefan Krah2016-06-201-1/+4
| |
| * Issue #26621: Remove unnecessary test.Stefan Krah2016-03-231-1/+0
| |
* | Issue #26621: Update libmpdec version and remove unnecessary test case.Stefan Krah2016-03-231-1/+0
| |
* | Issue #25928: Add Decimal.as_integer_ratio(). Python parts and docs byStefan Krah2015-12-281-0/+33
|/ | | | Mark Dickinson.
* Issue #22777: Test pickling with all protocols.Serhiy Storchaka2014-12-151-96/+98
|\
| * Issue #22777: Test pickling with all protocols.Serhiy Storchaka2014-12-151-96/+98
| |
* | Issue #19232: Speed up decimal import. Additionally, since _decimal isStefan Krah2014-09-101-3/+1
| | | | | | | | | | self-contained, this change facilitates maintenance and the Python version can be easily imported for experimentation.
* | Merge 3.4.Stefan Krah2014-08-261-0/+5
|\ \ | |/
| * Issue #22090: Fix '%' formatting for infinities and NaNs.Stefan Krah2014-08-261-0/+5
| |
* | Issue #18492: Merge with 3.4Zachary Ware2014-06-021-2/+2
|\ \ | |/
| * Issue #18492: Allow all resources when tests are not run by regrtest.py.Zachary Ware2014-06-021-2/+2
| | | | | | | | This changeset also includes cleanup allowed by this behavior change.
| * Issue #21374: Fix pickling of DecimalTuple.Stefan Krah2014-04-291-0/+17
| |
* | Fix typo and tests without docstrings.Stefan Krah2014-05-011-2/+3
| |
* | Issue #21407: _decimal now supports function signatures.Stefan Krah2014-05-011-0/+138
| |
* | Issue #10650: Remove the non-standard 'watchexp' parameter from theStefan Krah2014-04-301-12/+0
| | | | | | | | | | Decimal.quantize() method in the Python version. It had never been present in the C version.
* | Issue #21374: Fix pickling of DecimalTuple.Stefan Krah2014-04-291-0/+17
|/
* Avoid UnicodeEncodeError by only printing ASCII.Zachary Ware2013-12-121-2/+2
| | | | | This fixes running test_decimal in verbose mode on Windows, which I broke in issue #19572.
* Issue 19572: More silently skipped tests explicitly skipped.Zachary Ware2013-12-081-11/+8
|
* 1) Prepare libmpdec for the 2.4.0 release. None of the following changes ↵Stefan Krah2013-11-241-0/+1
| | | | | | | | | | | | | | | | | | affects _decimal: o Make all "mpd_t to C integer" conversion functions available in both the 64-bit and the 32-bit versions. o Make all mixed mpd_t/C integer arithmetic functions available in the 32-bit version. o Better handling of __STDC_LIMIT_MACROS for C++ users. o Add struct tags (at the request of C++ users). 2) Check for libmpdec.so.2 if --with-system-libmpdec is used.
* Issue #18783: Removed existing mentions of Python long type in docstrings,Serhiy Storchaka2013-08-271-1/+1
| | | | error messages and comments.
* Backport bff16086f03b and bcaaaa00425b.Stefan Krah2013-05-291-0/+13
|
* Issue #17768: Support newline fill character in decimal.py and NUL fillStefan Krah2013-05-291-0/+4
| | | | character in _decimal.c.
* Issue #17047: remove doubled words added in 3.3Terry Jan Reedy2013-03-111-1/+1
| | | | as reported by Serhiy Storchaka and Matthew Barnett.
* Since the return type of format() is not a Decimal, raise ValueError instead ofStefan Krah2013-01-241-10/+4
| | | | | InvalidOperation if the format specification (width, prec) exceeds the internal limits of libmpdec.
* Issue #16422: Use strings for rounding mode constants for better readabilityStefan Krah2013-01-161-65/+54
| | | | and pickling compatibility.
* Issue #15783: Support None default values in the Context() constructor.Stefan Krah2012-12-161-0/+21
|
* Issue #15783: Except for the number methods, the C version of decimal nowStefan Krah2012-12-151-8/+294
| | | | | supports all None default values present in decimal.py. These values were largely undocumented.
* Accept Unicode legacy strings in the Decimal constructor.Stefan Krah2012-11-101-1/+10
|
* Issue #16431: Finally, consider all permutations.Stefan Krah2012-11-081-9/+24
|
* Issue #16431: Also fix the opposite direction.Stefan Krah2012-11-071-0/+4
|
* Issue #16431: Use the type information when constructing a Decimal subtypeStefan Krah2012-11-071-0/+5
| | | | from a Decimal argument.
* Closes #16080: The decorator ignores failed attempts to set the requiredStefan Krah2012-09-281-0/+6
| | | | locale, so an additional check is required.
* Issue #16080: Use run_with_locale() decorator to reset the locale properly.Stefan Krah2012-09-281-7/+3
|
* Issue #15882: Change _decimal to accept any coefficient tuple whenStefan Krah2012-09-101-7/+10
| | | | | | constructing infinities. This is done for backwards compatibility with decimal.py: Infinity coefficients are undefined in _decimal (in accordance with the specification).
* Issue #15544: Fix Decimal.__float__ to work with payload-carrying NaNs.Mark Dickinson2012-08-241-0/+16
|
* Allow printing a leading '-' and the maximum number of exponent digitsStefan Krah2012-04-051-0/+48
| | | | | rather than raising RuntimeError (allocated space is sufficient for the additional character).
generated by cgit v0.12 at 2026-03-02 13:27:21 (GMT)