summaryrefslogtreecommitdiffstats
path: root/Lib/test
Commit message (Collapse)AuthorAgeFilesLines
* [3.3] bpo-30119: fix ftplib.FTP.putline() to throw an error for a illegal ↵Dong-hee Na2017-07-261-1/+5
| | | | command (#1214) (#2885)
* bpo-26657: Fix Windows directory traversal vulnerability with http.server ↵Victor Stinner2017-07-261-0/+19
| | | | | | | | | (#782) (#2860) Based on patch by Philipp Hagemeister. This fixes a regression caused by revision f4377699fd47. (cherry picked from commit d274b3f1f1e2d8811733fb952c9f18d7da3a376a) (cherry picked from commit 6f6bc1da8aaae52664e7747e328d26eb59c0e74f)
* [3.3] bpo-22928: Disabled HTTP header injections in http.client. (#2817)Serhiy Storchaka2017-07-261-0/+56
| | | | | Original patch by Demian Brecht.. (cherry picked from commit a112a8ae47813f75aa8ad27ee8c42a7c2e937d13)
* [3.3] [3.5] bpo-27945: Fixed various segfaults with dict. (GH-1657) ↵Serhiy Storchaka2017-07-261-0/+86
| | | | | | | (GH-1678) (#2396) Based on patches by Duane Griffin and Tim Mitchell. (cherry picked from commit 753bca3934a7618a4fa96e107ad1c5c18633a683). (cherry picked from commit 2f7f533cf6fb57fcedcbc7bd454ac59fbaf2c655)
* [3.3] bpo-30500: urllib: Simplify splithost by calling into urlparse. ↵Victor Stinner2017-07-261-47/+200
| | | | | | | | | | | | | (#1849) (#2292) The current regex based splitting produces a wrong result. For example:: http://abc#@def Web browsers parse that URL as ``http://abc/#@def``, that is, the host is ``abc``, the path is ``/``, and the fragment is ``#@def``. (cherry picked from commit 90e01e50ef8a9e6c91f30d965563c378a4ad26de) (cherry picked from commit cc54c1c0d2d05fe7404ba64c53df4b1352ed2262)
* [3.3] Backport CI config from master and remove skipped imaplib tests (#2481)Victor Stinner2017-07-201-10/+0
| | | | | | | | | | | | | * Backport Travis CI config from master Add .travis.yml for Travis CI. * bpo-30231: Remove skipped test_imaplib tests (#1419) (#2193) The public cyrus.andrew.cmu.edu IMAP server (port 993) doesn't accept TLS connection using our self-signed x509 certificate. Remove the two tests which are already skipped. (cherry picked from commit 7895a0585b4b6a1c8082d17227307c6ce2c8bb8b)
* [security][3.3] bpo-30730: Prevent environment variables injection in ↵Serhiy Storchaka2017-07-191-0/+40
| | | | subprocess on Windows. (GH-2325) (#2363)
* bpo-23844: Fix test_dh_params failureNed Deily2017-07-163-10/+8
|
* Issue #28563: Make plural form selection more lenient and acceptingSerhiy Storchaka2016-11-141-6/+10
| | | | non-integer numbers. Django tests depend on this.
* Issue #28563: Fixed possible DoS and arbitrary code execution when handleSerhiy Storchaka2016-11-081-1/+84
| | | | | plural form selections in the gettext module. The expression parser now supports exact syntax supported by GNU gettext.
* Prevent HTTPoxy attack (CVE-2016-1000110)Senthil Kumaran2016-07-311-0/+13
| | | | | | | Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates that the script is in CGI mode. Issue #27568 Reported and patch contributed by Rémi Rampin.
* Issue #27369: Merge test_pyexpat from 3.2 into 3.3Martin Panter2016-07-141-4/+2
|\
| * Issue #27369: Don’t test error message detail that changed in Expat 2.2.03.2Martin Panter2016-07-141-4/+2
| |
| * #22758: fix regression in handling of secure cookies.R David Murray2016-07-101-1/+39
| | | | | | | | | | This backports the fix from #16611, per discussion with the release manager.
* | Issue #25709: Fixed problem with in-place string concatenation and utf-8 cache.Serhiy Storchaka2015-12-021-0/+17
| |
* | Issue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3Martin Panter2016-01-151-1/+1
|\ \ | |/
| * Issue #25940: On Windows, connecting to port 444 returns ETIMEDOUTMartin Panter2016-01-151-1/+3
| |
* | Issue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3Martin Panter2016-01-146-89/+104
|\ \ | |/
| * Issue #25940: Use self-signed.pythontest.net in SSL testsMartin Panter2016-01-145-96/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is instead of svn.python.org, whose certificate recently expired, and whose new certificate uses a different root certificate. The certificate used at the pythontest server was modifed to set the "basic constraints" CA flag. This flag seems to be required for test_get_ca_certs_ capath() to work (in Python 3.4+). Added the new self-signed certificate to capath with the following commands: cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/} c_rehash -v Lib/test/capath/ c_rehash -v -old Lib/test/capath/ # Note the generated file names cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0} mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0} The new server responds with "No route to host" when connecting to port 444.
| * Issue #25940: Backport self-signed.pythontest.net testing for test_httplibGeorg Brandl2014-11-052-7/+24
| | | | | | | | | | The svn.python.org server recently changed root certificate, causing the test to fail. This backports revision 4985375db40f.
* | Issue #25021: Correctly make sure that product.__setstate__ does not accessKristján Valur Jónsson2015-09-121-0/+10
| | | | | | | | invalid memory.
* | protect against mutation of the dict during insertion (closes #24407)Benjamin Peterson2015-07-051-0/+15
| |
* | merge 3.2 (#22931)Benjamin Peterson2015-05-231-0/+13
|\ \ | |/
| * allow square brackets in cookie values (closes #22931)Benjamin Peterson2015-05-231-0/+14
| |
| * Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. AnalysisSerhiy Storchaka2015-01-271-16/+129
| | | | | | | | and fix by Guido Vranken.
* | be more robust against the filters list changing under us (closes #24096)Benjamin Peterson2015-05-031-0/+12
| |
* | just sort the items tuple directly (closes #24094)Benjamin Peterson2015-05-031-0/+19
| |
* | Issues #23363, #23364, #23365, #23366: Fixed itertools overflow tests.Serhiy Storchaka2015-02-021-7/+5
| | | | | | | | Used PyMem_New to check overflow.
* | reduce memory usage of test (closes #23369)Benjamin Peterson2015-02-021-1/+2
| |
* | check for overflows in permutations() and product() (closes #23363, closes ↵Benjamin Peterson2015-02-021-0/+12
| | | | | | | | #23364)
* | check for overflow in combinations_with_replacement (closes #23365)Benjamin Peterson2015-02-021-1/+5
| |
* | detect overflow in combinations (closes #23366)Benjamin Peterson2015-02-021-0/+5
| |
* | remove extra wsBenjamin Peterson2015-02-011-1/+0
| |
* | fix possible overflow in encode_basestring_ascii (closes #23369)Benjamin Peterson2015-02-011-1/+8
| |
* | Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. AnalysisSerhiy Storchaka2015-01-271-42/+119
| | | | | | | | and fix by Guido Vranken.
* | merge 3.2 (#16043)Benjamin Peterson2014-12-061-1/+22
|\ \ | |/
| * add a default limit for the amount of data xmlrpclib.gzip_decode will return ↵Benjamin Peterson2014-12-061-1/+22
| | | | | | | | (closes #16043)
* | merge 3.2Benjamin Peterson2014-11-051-2/+2
|\ \ | |/
| * use pythontest.net for url fragment testBenjamin Peterson2014-11-051-2/+2
| |
* | merge 3.2Benjamin Peterson2014-11-031-3/+4
|\ \ | |/
| * move idna test domain to pythontest.netBenjamin Peterson2014-11-031-3/+4
| |
| * #16040: fix unlimited read from connection in nntplib.Georg Brandl2014-10-121-0/+10
| |
| * ref #19855: skip uuid test_find_mac on non-Posix as in later branchesGeorg Brandl2014-10-011-2/+3
| |
| * Issue #19855: uuid.getnode() on Unix now looks on the PATH for theGeorg Brandl2014-09-301-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | executables used to find the mac address, with /sbin and /usr/sbin as fallbacks. Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with virtual interface. Original patch by Kent Frazier. Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, if all necessary functions are already found in libuuid. Patch by Evgeny Sologubov. Issue #16102: Make uuid._netbios_getnode() work again on Python 3.
| * Backport b533cc11d114 to fix intermittent test_urllibnet failures.Georg Brandl2014-09-301-1/+1
| |
| * Issue #20939: Use www.example.com instead of www.python.org to avoid testNed Deily2014-03-272-18/+18
| | | | | | | | failures when ssl is not present.
| * Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limitGeorg Brandl2014-09-301-0/+11
| | | | | | | | line length. Patch by Emil Lind.
| * Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all ↵Georg Brandl2014-09-171-0/+2
| | | | | | | | interfaces.
| * Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-161-0/+9
| | | | | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
| * Issue #22419: Limit the length of incoming HTTP request in wsgiref server toGeorg Brandl2014-09-301-0/+5
| | | | | | | | | | 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook.
generated by cgit v0.12 at 2025-12-26 12:32:29 (GMT)