summaryrefslogtreecommitdiffstats
path: root/Lib/test
Commit message (Collapse)AuthorAgeFilesLines
* - Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 toBarry Warsaw2013-09-301-0/+65
| | | | | prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
* - Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 toBarry Warsaw2013-09-301-0/+71
| | | | | prevent readline() calls from consuming too much member. Patch by Jyrki Pulliainen.
* - Issue #16037: HTTPMessage.readheaders() raises an HTTPException when moreBarry Warsaw2013-09-291-0/+7
| | | | than 100 headers are read. Adapted from patch by Jyrki Pulliainen.
* - Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read byBarry Warsaw2013-09-251-1/+21
| | | | | | | limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola. with test fixes by Serhiy Storchaka.
* - Issue #16039: CVE-2013-1752: Change use of readline in imaplib module toBarry Warsaw2013-09-221-0/+10
| | | | limit line length. Patch by Emil Lind.
* #14984: On POSIX, enforce permissions when reading default .netrc.R David Murray2013-09-161-1/+22
| | | | | | | | Initial patch by Bruno Piguet. This is implemented as if a useful .netrc file could exist without passwords, which is possible in the general case; but in fact our netrc implementation does not support it. Fixing that issue will be an enhancement.
* #16042: CVE-2013-1752: Limit amount of data read by limiting the call to ↵Andrew Kuchling2013-09-151-1/+28
| | | | | | | | | | readline(). The SSLFakeFile.readline() method needs to support limiting readline() as well. It's not a full emulation of readline()'s signature, but this class is only used by smtplib's code, so it doesn't have to be. Modified version of original patch by Christian Heimes.
* Python 2.6's ssl module has neither OPENSSL_VERSION_INFO nor ↵Christian Heimes2013-09-031-15/+6
| | | | _OPENSSL_API_VERSION
* Issue #18709: Fix issue with IPv6 address in subjectAltName on Mac OS X TigerChristian Heimes2013-08-251-7/+15
|
* - Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytesBarry Warsaw2013-08-233-32/+146
| | | | | | | inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for `rfc822Name` (email), `dNSName` (DNS) and `uniformResourceIdentifier` (URI).
* Back port from 2.7:Barry Warsaw2012-02-221-2/+5
| | | | | | | | | http://hg.python.org/cpython/rev/48705250232c changeset: 75187:48705250232c branch: 2.7 parent: 75184:9a1d902714ae user: Antoine Pitrou <solipsis@pitrou.net> date: Wed Feb 22 22:16:25 2012 +0100
* Backport from 2.7:Barry Warsaw2012-02-221-3/+4
| | | | | | | | | changeset: 75153:9b7c6dd19e25 branch: 2.7 parent: 75151:b1a02c17b327 user: Antoine Pitrou <solipsis@pitrou.net> date: Tue Feb 21 22:02:04 2012 +0100 files: Lib/test/test_os.py
* Backport from 2.7 branch.Barry Warsaw2012-02-221-2/+8
| | | | | | | changeset: 75165:780008020c40 user: Antoine Pitrou <solipsis@pitrou.net> date: Wed Feb 22 03:33:56 2012 +0100 summary: Fix (presumably) test_hash under big-endian systems (PPC).
* Whitespace normalizationBarry Warsaw2012-02-211-1/+1
|
* - Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEEDBarry Warsaw2012-02-217-19/+222
| | | | | | environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types. Patch by David Malcolm, based on work by Victor Stinner.
* Back port Python 2.7 fix for test_invalid_redirect() in test_urllib.py.Barry Warsaw2012-02-201-0/+1
|
* Merge issue 11662 from 2.5.Guido van Rossum2011-03-292-0/+35
|\
| * Add tests for the urllib[2] vulnerability. Change to raise exceptions.guido@google.com2011-03-282-0/+35
| |
| * Add .hgeol file and fix newlines in the 2.5 branch.Georg Brandl2011-03-051-31/+31
| |
| * #6990: clear threading.local's key only after its thread state is removed:Philip Jenvey2009-09-291-1/+40
| | | | | | | | | | | | fixes local subclasses leaving old state around after a ref cycle GC which could be recycled by new locals (backported from r75123)
| * Issue #5068: Fixed the tarfile._BZ2Proxy.read() method that would loopLars Gustäbel2009-03-221-1/+24
| | | | | | | | | | | | | | | | forever on incomplete input. That caused tarfile.open() to hang when used with mode 'r' or 'r:bz2' and a fileobj argument that contained no data or partial bzip2 compressed data. (backported from r70523)
| * Revert patch for #1706039, as it can crash the interpreter.Martin v. Löwis2008-12-231-42/+0
| |
| * Backport of r67908:Martin v. Löwis2008-12-231-0/+2
| | | | | | | | | | Added test case to ensure attempts to read from a file opened for writing fail.
| * Issue #1706039: Support continued reading from a file even afterMartin v. Löwis2008-12-131-0/+42
| | | | | | | | EOF was hit.
| * Backport of r66703:Martin v. Löwis2008-12-131-0/+6
| | | | | | | | | | Issue #3863: Disabled a unit test of fork being called from a thread when running on platforms known to exhibit OS bugs when attempting that.
| * Issue #4228: Pack negative values the same way as 2.4Martin v. Löwis2008-12-131-0/+13
| | | | | | | | in struct's L format.
| * Issue #4084: fix bug in handling of NaNs in Decimal.max, Decimal.min,Mark Dickinson2008-12-111-0/+17
| | | | | | | | Decimal.max_mag and Decimal.min_mag.
| * Backport issue 4597 to python 2.5.3: Fixed several opcodes that weren't alwaysJeffrey Yasskin2008-12-101-0/+14
| | | | | | | | propagating exceptions.
| * Backported issue #4589 to Python 2.5.3: Propagated an exception thrown by aJeffrey Yasskin2008-12-101-0/+30
| | | | | | | | context manager's __exit__ method's result while it's being converted to bool.
| * #4317: Fix an Array Bounds Read in imageop.rgb2rgb8.Amaury Forgeot d'Arc2008-11-181-1/+2
| | | | | | | | Backport of r67266
| * backport r67246 from the trunkBenjamin Peterson2008-11-171-9/+50
| |
| * backport r67077 from the trunk: parser module now correctly validates ↵Benjamin Peterson2008-11-031-0/+2
| | | | | | | | relative imports
| * Issue #4176: Pickle would crash the interpreter when a __reduce__ functionAmaury Forgeot d'Arc2008-10-301-0/+23
| | | | | | | | | | | | | | does not return an iterator for the 4th and 5th items. (sequence-like and mapping-like state) Backport of r67049.
| * backport r66689: imageop could segfault due to poor argument validationBenjamin Peterson2008-09-301-7/+62
| |
| * Backport of r66677: _lsprof crasher when a bad external timer is used duringBrett Cannon2008-09-291-2/+17
| | | | | | | | garbage collection of a Profiler object.
| * #3967: Correct a crash in count() and find() methods of string-like objects.Amaury Forgeot d'Arc2008-09-261-0/+16
| | | | | | | | | | | | | | For example: "".count("xxxx", sys.maxint, 0) Backport of r66631.
| * make sure to give a 'as' and 'with' parser warning even after import ↵Benjamin Peterson2008-09-251-1/+34
| | | | | | | | statements #3936
| * backport r66496: integer overflow in _hashopenssl #3886Benjamin Peterson2008-09-181-2/+16
| |
| * Issue #3804: Added test for Issue #2222.Hirokazu Yamamoto2008-09-081-0/+7
| | | | | | | | Reviewed by Benjamin Peterson.
| * Issue #3751: str.rpartition would perform a left-partition when called withAmaury Forgeot d'Arc2008-09-011-0/+5
| | | | | | | | | | | | a unicode argument. Backport of r66119
| * let Windows bots pass on test_threadingBenjamin Peterson2008-08-231-1/+2
| |
| * Reverted r65902. See ↵Hirokazu Yamamoto2008-08-201-7/+3
| | | | | | | | http://mail.python.org/pipermail/python-checkins/2008-August/073116.html
| * Backport r65900: fixed get_file_system in test_os.py ('path' is unicode on ↵Hirokazu Yamamoto2008-08-201-5/+8
| | | | | | | | py3k and ansi on trunk)
| * Backport of r64767 from trunkGregory P. Smith2008-08-171-0/+11
| | | | | | | | | | | | Fixes Issue #3309: Fix bz2.BZFile iterator to release its internal lock properly when raising an exception due to the bz2file being closed. Prevents a deadlock.
| * Backport of r65032 from trunkGregory P. Smith2008-08-171-1/+78
| | | | | | | | | | | | Fixes Issue #874900: after an os.fork() call the threading module state is cleaned up in the child process to prevent deadlock and report proper thread counts if the new process uses the threading module.
| * - Issue #3537: Fix an assertion failure when an empty but presized dictGeorg Brandl2008-08-111-0/+11
| | | | | | | | object was stored in the freelist. (backport from r65637.)
| * (backport of r61652 and r61665 from trunk)Gregory P. Smith2008-08-041-0/+29
| | | | | | | | | | Issue #1471: Arguments to fcntl.ioctl are no longer broken on 64-bit OpenBSD and similar platforms due to sign extension.
| * Security patches from Apple: prevent int overflow when allocating memoryNeal Norwitz2008-07-314-9/+154
| |
| * #2242: utf7 decoding crashes on bogus input on some Windows/MSVC versionsAntoine Pitrou2008-07-251-0/+3
| |
| * Issue #3360: Fix incorrect parsing of '020000000000.0'.Mark Dickinson2008-07-161-0/+4
| | | | | | | | This is a backport of r65005.
generated by cgit v0.12 at 2025-12-27 13:45:07 (GMT)