| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Issue #4469: Prevent expandtabs() on string and unicode
objects from causing a segfault when a large width is passed
on 32-bit platforms.
|
| | |
|
| |
|
|
| |
Backport of r67266
|
| | |
|
| |
|
|
|
|
| |
segfault as a result. CVE-2008-4864.
backport r66689
|
| |
|
|
|
|
|
|
| |
parameter but was not verifying that it was greater than zero. Values
less than zero will now raise a SystemError and return NULL to indicate a
bug in the calling C code. CVE-2008-1887.
backport r62261, r62271
|
| |
|
|
| |
conditions in the PyOS_vsnprintf C API function. CVE-2008-3144.
|
| |
|
|
| |
zlib.decompressobj().flush(val) when val is not positive.
|
| |
|
|
| |
overflows in the imageop and rgbimgmodule modules.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
to the signed max value similar to 2.5 and trunk.
Issue #2620: Overflow checking when allocating or reallocating memory
was not always being done properly in some python types and extension
modules. PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
all been updated to perform better checks and places in the code that
would previously leak memory on the error path when such an allocation
failed have been fixed.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Added checks for integer overflows, contributed by Google. Some are
only available if asserts are left in the code, in cases where they
can't be triggered from Python code.
|
| |
|
|
|
|
|
| |
problems:
52448, 52468, 52472, 52475, 52646, 52797, 52802, 52863, 52999, 53001,
53101, 53371, 53373, 53383, 53384, 53736, 53812, 53921, 55578, 55580,
55581, 55772, 55775, 56557, 57093, 57094, 58630, 60114
|
| |
|
|
|
|
| |
- Issue #1336: fix a race condition in subprocess.Popen if the garbage
collector kicked in at the wrong time that would cause the process
to hang when the child wrote to stderr.
|
| |
|
|
|
|
| |
Bug #1728403: Fix a bug that CJKCodecs StreamReader hangs when it
reads a file that ends with incomplete sequence and sizehint argument
for .read() is specified.
|
| |
|
|
|
|
| |
the traceback inadvertently or maliciously closing the comment and
injecting HTML into the error page.
(backport from rev. 55348)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
SF patch #1630975: Fix crash when replacing sys.stdout in sitecustomize
When running the interpreter in an environment that would cause it to set
stdout/stderr/stdin's encoding, having a sitecustomize that would replace
them with something other than PyFile objects would crash the interpreter.
Fix it by simply ignoring the encoding-setting for non-files.
This could do with a test, but I can think of no maintainable and portable
way to test this bug, short of adding a sitecustomize.py to the buildsystem
and have it always run with it (hmmm....)
|
| | |
|
| | |
|
| |
|
|
| |
sys.callstats() match its docstring.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Repair so that it's back to how it was in 2.4.3.
Needs to be forward-ported to 2.5 branch and trunk.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
_bsddb on Windows (Martin recently repaired that -- thanks!).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
fixing an unlikely crash bug in dict resizing, SF
bug 1456209.
The rest of rev 46589 changes whether Python suppresses
exceptions during some dict-related comparisons. While I
think that's a good idea, it does change visible behavior at
times, and there was already some complaining about that on
the trunk. Not a good idea for backporting. The part of
46589 checked in here can at worst stop segfaults, and I doubt
anyone will gripe about that ;-)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- reset errno before calling confstr - use confstr() doc to simplify
checks afterwards
- Correct implementation and documentation of os.confstr. Add a simple
test case. I've yet to figure out how to provoke a None return I can test.
- Address issues brought up by MvL on python-checkins.
I tested this with valgrind on amd64.
The man pages I found for diff architectures are inconsistent on this.
I'm not entirely sure this change is correct for all architectures
either.
Perhaps we should just over-allocate and not worry about it?
The change to return None instead of "" in case of unconfigured
values has not been backported.
|
| | |
|
| |
|
|
| |
Modules".
|
| |
|
|
|
| |
Bug #1572832: fix a bug in ISO-2022 codecs which may cause segfault
when encoding non-BMP unicode characters. (Submitted by Ray Chason)
|
| |
|
|
|
| |
Handle allocation failures gracefully. Found with failmalloc.
Many (all?) of these could be backported.
|
| |
|
|
|
|
| |
Cause a PyObject_Malloc() failure to trigger a MemoryError, and then
add 'if (PyErr_Occurred())' checks to various places so that NULL is
returned properly.
|
| |
|
|
|
|
|
| |
Fix segfault when doing string formatting on subclasses of long if
__oct__, __hex__ don't return a string.
Klocwork 308
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* unified the way intobject, longobject and mystrtoul handle
values around -sys.maxint-1.
* in general, trying to entierely avoid overflows in any computation
involving signed ints or longs is extremely involved. Fixed a few
simple cases where a compiler might be too clever (but that's all
guesswork).
* more overflow checks against bad data in marshal.c.
|
| |
|
|
| |
on undefined behaviour of the C compiler anymore.
|
| |
|
|
| |
Make staticmethod and classmethod complain about keyword args.
|
