summaryrefslogtreecommitdiffstats
path: root/Modules
Commit message (Collapse)AuthorAgeFilesLines
* [2.7] closes bpo-38174: Update vendored expat library to 2.2.8. (GH-16408)Benjamin Peterson2019-09-2619-4836/+3970
| | | | | | Fixes CVE-2019-15903. See full changelog at https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes.. (cherry picked from commit 52b940803860e37bcc3f6096b2d24e7c20a0e807) Co-authored-by: Benjamin Peterson <benjamin@python.org>
* [2.7] bpo-38175: Fix a memory leak in comparison of sqlite3.Row objects. ↵Serhiy Storchaka2019-09-171-5/+7
| | | | | | (GH-16155). (GH-16215) (cherry picked from commit 8debfa50407107ff2329d01081cdc12d359f1d12)
* bpo-33936: Don't call obsolete init methods with OpenSSL 1.1.0+ (GH-16140)Miss Islington (bot)2019-09-161-1/+1
| | | | | | | | ``OPENSSL_VERSION_1_1`` was never defined in ``_hashopenssl.c``. https://bugs.python.org/issue33936 (cherry picked from commit 724f1a57231f9287c37255adf0e4364d12cf693d) Co-authored-by: Christian Heimes <christian@python.org>
* [2.7] bpo-38168: Fix a possbile refleak in setint() of mmapmodule.c ↵Xiang Zhang2019-09-161-1/+2
| | | | | | | | | (GH-16136) (GH-16176) (cherry picked from commit 56a4514) Co-authored-by: Hai Shi shihai1992@gmail.com https://bugs.python.org/issue38168
* [2.7] bpo-35264: Modules/_ssl.c: fix build with OpenSSL 1.1.0 (GH-10570)Alexandru Ardelean2019-09-111-2/+2
| | | | | | | | | | | | | | | Fixes a build error with OpenSSL 1.1.0. There is already code in the `_ssl.c` that handles all the weird cases of the NPN config macros (with various OpenSSL & LibreSSL versions). That code will provide a HAVE_NPN variable, which should be used in the rest of the code to check whether (or what) to compile regarding NPN. This change adds HAVE_NPN in the remaining places where it should have been placed. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com> https://bugs.python.org/issue35264
* bpo-37445: Include FORMAT_MESSAGE_IGNORE_INSERTS in FormatMessageW() calls ↵Zackery Spytz2019-09-111-1/+3
| | | | | | | | (GH-15822) If FormatMessageW() is passed the FORMAT_MESSAGE_FROM_SYSTEM flag without FORMAT_MESSAGE_IGNORE_INSERTS, it will fail if there are insert sequences in the message definition. (cherry picked from commit a656365)
* [2.7] bpo-34410: Fix a crash in the tee iterator when re-enter it. ↵Serhiy Storchaka2019-09-091-0/+9
| | | | | | | (GH-15625) (GH-15740) RuntimeError is now raised in this case. (cherry picked from commit 526a01467b3277f9fcf7f91e66c23321caa1245d)
* bpo-34521: Fix FD transfer in multiprocessing on FreeBSD (GH-15422)Victor Stinner2019-08-231-1/+1
| | | | Fix file descriptors transfer in multiprocessing on FreeBSD: use CMSG_SPACE() rather than CMSG_LEN(); see RFC 3542.
* Put pyexpatns.h include back. bpo-37437 (GH-14539)Miss Islington (bot)2019-07-021-0/+4
| | | | | (cherry picked from commit 2cd07920bb7d2d319999394092190f37935dc421) Co-authored-by: Benjamin Peterson <benjamin@python.org>
* closes bpo-37437: Update vendorized expat to 2.2.7. (GH-14436)Miss Islington (bot)2019-06-286-28/+21
| | | | | (cherry picked from commit 3b03b09fc94425915c5b1225e9200a3a95bc827b) Co-authored-by: Benjamin Peterson <benjamin@python.org>
* [2.7] Fix name of '\0'. (GH-14225)Benjamin Peterson2019-06-191-1/+1
| | | | '\0' is the NUL byte not NULL.. (cherry picked from commit 7821b4c6d29933511d50bb42255e39790c6abf00)
* [2.7] bpo-37188: Fix a divide-by-zero in arrays of size-0 objects (#13906)Eric Wieser2019-06-081-1/+1
|
* [2.7] bpo-37170: Fix the cast on error in PyLong_AsUnsignedLongLongMask() ↵Zackery Spytz2019-06-071-0/+22
| | | | | | | (GH-13860) (GH-13898) (cherry picked from commit dc2476500d91082f0c907772c83a044bf49af279) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo-36504: Fix signed integer overflow in _ctypes.c's PyCArrayType_new(). ↵Zackery Spytz2019-04-031-1/+1
| | | | | (GH-12660) (GH-12678) (cherry picked from commit 487b73ab39c80157474821ef9083f51e0846bd62)
* bpo-36150: Fix possible assertion failures due to _ctypes.c's ↵Zackery Spytz2019-03-311-4/+6
| | | | | PyCData_reduce(). (GH-12106) (GH-12643) (cherry picked from commit 5f2c50810a67982b0c80f6d3258fee3647f67005)
* bpo-36430: Fix a possible reference leak in itertools.count(). (GH-12551) ↵Miss Islington (bot)2019-03-261-0/+1
| | | | | | | (GH-12554) (cherry picked from commit 0523c39e7720b82b38ad793d3f1a5681adcdf873) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [2.7] bpo-36421: Fix ref counting bugs in _ctypes.c's PyCArrayType_new(). ↵Zackery Spytz2019-03-251-3/+10
| | | | | (GH-12534) Add missing Py_DECREF()s.
* bpo-36337: socket.send()/sendall() use Py_ssize_t (GH-12397)Stéphane Wirtel2019-03-191-8/+21
| | | | Fix buffer overflow in send() and sendall() methods of socket.socket for data larger than 2 GiB.
* [2.7] bpo-36289: Fix a possible reference leak in the io module (GH-12329)stratakis2019-03-141-0/+1
| | | | | Fix a reference leak in _bufferedreader_read_all(): _io.BufferedIOMixin.read() leaks a reference on 'data' when it reads the whole file content but flush() fails.
* [2.7] bpo-36291: Fix a possible reference leak in the json module (GH-12330)stratakis2019-03-141-1/+3
| | | | | | Fix a reference leak in json if parsing a floating point number fails. If PyOS_string_to_double() fails in _match_number_str(): decrement numstr ref counter.
* [2.7] bpo-36212: Fix two possible reference leaks in the hotshot module ↵stratakis2019-03-141-1/+4
| | | | | (GH-12327) Fix reference leaks in _hotshot.LogReaderType on PyTuple_New() failure.
* bpo-36147: Fix a memory leak in ctypes s_get() (GH-12102)stratakis2019-03-061-17/+9
| | | | | The s_get() function leaks the result variable on low memory. Partially backport commit 19b52545df898ec911c44e29f75badb902924c0 to fix it.
* [2.7] bpo-36186: Fix linuxaudiodev.linux_audio_device() error handling ↵stratakis2019-03-061-0/+2
| | | | | | (GH-12163) Fix linuxaudiodev.linux_audio_device() error handling: close the internal file descriptor if it fails to open the device.
* [2.7] bpo-36149 Fix potential use of uninitialized memory in cPickle (#12105)T. Wouters2019-03-041-5/+8
| | | | Fix off-by-one bug in cPickle that caused it to use uninitialised memory on truncated pickles read from FILE*s.
* [2.7] bpo-36179: Fix ref leaks in _hashopenssl (GH-12158) (GH-12166)Christian Heimes2019-03-041-6/+8
| | | | | | | | | | | | | | | Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in out-of-memory cases. Thanks to Charalampos Stratakis. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue36179. (cherry picked from commit b7bc283ab6a23ee98784400ebffe7fe410232a2e) Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue36179
* [2.7] bpo-13096: Fix memory leak in ctypes POINTER handling of large values ↵stratakis2019-03-041-0/+1
| | | | (GH-12100)
* [2.7] bpo-36106: resolve sinpi name clash with libm (IEEE-754 violation). ↵Dima Pasechnik2019-02-261-4/+4
| | | | | | | | | | | (GH-12027) (GH-12050) The standard math library (libm) may follow IEEE-754 recommendation to include an implementation of sinPi(), i.e. sinPi(x):=sin(pi*x). And this triggers a name clash, found by FreeBSD developer Steve Kargl, who worked on putting sinpi into libm used on FreeBSD (it has to be named "sinpi", not "sinPi", cf. e.g. https://en.cppreference.com/w/c/experimental/fpext4).
* [2.7] bpo-32947: Fixes for TLS 1.3 and OpenSSL 1.1.1 (GH-8761) (GH-11876)stratakis2019-02-151-0/+4
| | | | | | | | | | | | | | | Backport of TLS 1.3 related fixes from 3.7. Misc fixes and workarounds for compatibility with OpenSSL 1.1.1 from git master and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by default. Some test cases only apply to TLS 1.2. OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS 1.3. The feature is enabled by default for maximum compatibility with broken middle boxes. Users should be able to disable the hack and CPython's test suite needs it to verify default options Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 2a4ee8aa01d61b6a9c8e9c65c211e61bdb471826)
* [2.7] bpo-28043: improved default settings for SSLContext (GH-10608)stratakis2019-02-151-0/+31
| | | | | | | | | The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2). (cherry picked from commit 358cfd426ccc0fcd6a7940d306602138e76420ae)
* bpo-35746: Fix segfault in ssl's cert parser (GH-11569)Miss Islington (bot)2019-01-151-0/+4
| | | | | | | | | | | | Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746 (cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3) Co-authored-by: Christian Heimes <christian@python.org>
* [2.7] bpo-8765: Deprecate writing unicode to binary streams in Py3k mode. ↵Serhiy Storchaka2019-01-152-1/+16
| | | | (GH-11127)
* bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. ↵Zackery Spytz2018-12-204-0/+16
| | | | | (GH-11175) (GH-11249) (cherry picked from commit 842acaab1376c5c84fd5966bb6070e289880e1ca)
* bpo-35529: Fix a reference counting bug in PyCFuncPtr_FromDll(). (GH-11229)Miss Islington (bot)2018-12-201-5/+8
| | | | | | | "dll" would leak if an error occurred in _validate_paramflags() or GenericPyCData_new(). (cherry picked from commit d77d97c9a1f593fe161afab97e2a3e2292ab88b9) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [2.7] bpo-35441: Remove dead and buggy code related to PyList_SetItem(). ↵Serhiy Storchaka2018-12-194-19/+21
| | | | | | | | | | | | | | (GH-11033) (GH-11234) In _localemodule.c and selectmodule.c, remove dead code that would cause double decrefs if run. In addition, replace PyList_SetItem() with PyList_SET_ITEM() in cases where a new list is populated and there is no possibility of an error. In addition, check if the list changed size in the loop in array_array_fromlist(). (cherry picked from commit 99d56b53560b3867844472ae381fb3f858760621) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo-10320: Use PY_FORMAT_LONG_LONG in ctypes' PyCArg_repr(). (GH-11230)Zackery Spytz2018-12-191-5/+1
|
* bpo-10320: Replace nonstandard sprintf() length modifier in ctypes' ↵Miss Islington (bot)2018-12-181-1/+1
| | | | | | | | PyCArg_repr(). (GH-10853) Use "ll" instead of the nonstandard "q". (cherry picked from commit 062cbb67726f26794b1b461853e40696b4a0b220) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [2.7] bpo-31374: Include pyconfig.h earlier in expat (GH-11078)Victor Stinner2018-12-102-1/+6
| | | | Include <pyconfig.h> ealier in Modules/expat/xmlparse.c to define properly _POSIX_C_SOURCE and _XOPEN_SOURCE.
* bpo-31374: Include pyconfig.h earlier in expat (GH-11064)Miss Islington (bot)2018-12-101-0/+1
| | | | | | | | | Include <pyconfig.h> ealier in Modules/expat/xmltok.c to define properly _POSIX_C_SOURCE. Python defines _POSIX_C_SOURCE as 200809L, whereas <features.h> (included indirectly by <string.h>) defines _POSIX_C_SOURCE as 199506L. (cherry picked from commit cf247359d5b7082044eea1fa94b5211a172b1ff6) Co-authored-by: Victor Stinner <vstinner@redhat.com>
* [2.7] bpo-34052: Prevent SQLite functions from setting callbacks on ↵Serhiy Storchaka2018-12-051-20/+13
| | | | | | | | | exceptions. (GH-8113). (GH-10946) (GH-10955) (cherry picked from commit 5b25f1d03100e2283c1b129d461ba68ac0169a14) (cherry picked from commit 1de91a0032fed500ddd3d8c4fb7a38c0b8719f67) Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>.
* [2.7] bpo-16865: Support arrays >=2GB in ctypes. (GH-3006). (GH-7441)Serhiy Storchaka2018-12-041-6/+18
| | | | | | (cherry picked from commit 735abadd5bd91db4a9e6f4311969b0afacca0a1a) Co-Authored-By: Segev Finer <segev208@gmail.com>
* [2.7] bpo-25862: Fix several bugs in the _io module. (GH-8026) (GH-8033)Serhiy Storchaka2018-12-042-7/+17
| | | | | | | | | | | They can be exposed when some C API calls fail due to lack of memory. * Failed Py_BuildValue() could cause an assertion error in the following TextIOWrapper.tell(). * initvalue could leak in StringIO.__getstate__() after failed PyDict_Copy(). (cherry picked from commit fdb5a50ef34f7951c3b01eb77b1359725a9ad670)
* bpo-35356: Fix a possible reference leak in nis.maps(). (GH-10808)Miss Islington (bot)2018-11-301-0/+1
| | | | | (cherry picked from commit a2e3585e79c93b2372dbad46a744e28fcc6dad6d) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [2.7] bpo-35021: Fix assertion failures in _datetimemodule.c. (GH-10039) ↵Serhiy Storchaka2018-11-201-46/+50
| | | | | | | | | | | | | (GH-10617) Fixes assertion failures in _datetimemodule.c introduced in the previous fix (see bpo-31752). Rather of trying to handle an int subclass as exact int, let it to use overridden special methods, but check the result of divmod(). (cherry picked from commit 3ec0f495163da3b7a15deb2805cec48aed432f58) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* Fix a possible reference leak in _socket.getaddrinfo(). (GH-10543)Miss Islington (bot)2018-11-151-2/+4
| | | | | | "single" needs to be decrefed if PyList_Append() fails. (cherry picked from commit 4c596d54aa6a55e9d2a3db78891e656ebbfb63c8) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [2.7] bpo-35194: Fix a wrong constant in cp932 codec. (GH-10420) (GH-10433)Alexey Izbyshev2018-11-101-1/+1
| | | | | | | | This typo doesn't affect the result because wrong bits are discarded on implicit conversion to unsigned char, but it trips UBSan with -fsanitize=implicit-integer-truncation. (cherry picked from commit 7a69cf47a9bbc95f95fd67c982bff121b2a903cb) Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
* [2.7] closes bpo-35139: The `pyexpat` module's macros in `Modules/Setup` now ↵Benjamin Peterson2018-11-021-1/+1
| | | | | | | | match `setup.py` (GH-10293) This could cause compile errors on macOS or other platforms.. (cherry picked from commit 318ab63c01f5b8e7562b122ab5ba01258a51277b) Co-authored-by: Max Bélanger <aeromax@gmail.com>
* bpo-35062: Fix parsing _io.IncrementalNewlineDecoder's *translate* argument. ↵Miss Islington (bot)2018-10-311-1/+1
| | | | | | | | | (GH-10217) _io.IncrementalNewlineDecoder's initializer possibly assigns out-of-range value to the bitwise struct field. (cherry picked from commit b08746bfdf64e55ce33516f2065fa2aa4f51be95) Co-authored-by: Xiang Zhang <angwerzx@126.com>
* [2.7] Fix a possible "double decref" in termios.tcgetattr(). (GH-10194) ↵Zackery Spytz2018-10-291-2/+2
| | | | | (GH-10218) (cherry picked from commit 53835e92d315340444e3dd083b3f69a590b00e07)
* [2.7] bpo-35068: Fix possible crashes in pyexpat.c. (GH-10099)Zackery Spytz2018-10-291-17/+11
|
* [2.7] bpo-34794: Fix a leak in Tkinter. (GH-10025) (GH-10181)Serhiy Storchaka2018-10-281-4/+2
| | | | | Based on the investigation by Xiang Zhang. (cherry picked from commit df13df41a25765d8a39a77220691698498e758d4)
generated by cgit v0.12 at 2026-01-03 03:50:32 (GMT)