summaryrefslogtreecommitdiffstats
path: root/Objects
Commit message (Collapse)AuthorAgeFilesLines
* [3.7] gh-97616: list_resize() checks for integer overflow (GH-97617) (#97629)Miss Islington (bot)2022-10-051-2/+8
| | | | | | | | | | | Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. list_resize() now checks for integer overflow before multiplying the new allocated length by the list item size (sizeof(PyObject*)). (cherry picked from commit a5f092f3c469b674b8d9ccbd4e4377230c9ac7cf) Co-authored-by: Victor Stinner <vstinner@python.org>
* [3.7] gh-95778: Mention sys.set_int_max_str_digits() in error message ↵Miss Islington (bot)2022-10-041-2/+2
| | | | | | | | | | | | | | | (GH-96874) (GH-96877) (GH-97836) [3.9] gh-95778: Mention sys.set_int_max_str_digits() in error message (GH-96874) (GH-96877) When ValueError is raised if an integer is larger than the limit, mention sys.set_int_max_str_digits() in the error message. (cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d) Co-authored-by: Ned Deily <nad@python.org> (cherry picked from commit 41188134bd2120f0cedd681ed88743c11c7f3742) Co-authored-by: Victor Stinner <vstinner@python.org>
* [3.7] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (GH-96504)Gregory P. Smith2022-09-061-1/+61
| | | | | | | | | | | | | | | | Converting between `int` and `str` in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a `ValueError` if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735). This new limit can be configured or disabled by environment variable, command line flag, or :mod:`sys` APIs. See the `Integer String Conversion Length Limitation` documentation. The default limit is 4300 digits in string form. Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson.
* bpo-33786: Fix asynchronous generators to handle GeneratorExit in athrow() ↵Miss Islington (bot)2020-08-141-8/+7
| | | | | | | | (GH-7467) (GH-21878) (cherry picked from commit 52698c7ad9eae9feb35839fde17a7d1da8036a9b) Co-authored-by: Yury Selivanov <yury@magic.io>
* Fix a possible refleak in tupleobject.c (GH-19018)Miss Islington (bot)2020-03-151-1/+3
| | | | | (cherry picked from commit c81609e44eed641d3b8a137daa31ef35501c1f85) Co-authored-by: Hai Shi <shihai1992@gmail.com>
* bpo-39884: Add method name in "bad call flags" error (GH-18944) (GH-18957)Victor Stinner2020-03-121-6/+4
| | | | | | | _PyMethodDef_RawFastCallDict() and _PyMethodDef_RawFastCallKeywords() now include the method name in the SystemError "bad call flags" error message to ease debug. (cherry picked from commit c7d2d69d95b263ee5f83511bc6fbe53acdc24ea3)
* [3.7] bpo-38643: Raise SystemError instead of crashing when PyNumber_ToBase ↵Serhiy Storchaka2020-03-121-9/+6
| | | | | | is called with invalid base. (GH-18863). (GH-18955) (cherry picked from commit e5ccc94bbb153431698b2391df625e8d47a93276)
* bpo-39778: Don't traverse weak-reference lists OrderedDict's tp_traverse and ↵Miss Islington (bot)2020-03-021-2/+0
| | | | | | | | | tp_clear (GH-18749) Objects do not own weak references to them directly through the __weakref__ list so these do not need to be traversed by the GC. (cherry picked from commit 0c2b509f9d1d3a9065bc62c2407e1dc2ed70e9c2) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* Give proper credits for the memoryview implementation. (GH-18626) (#18643)Miss Islington (bot)2020-02-241-1/+11
| | | | | | (cherry picked from commit ee3bac4cba56b51ce924f13d77b97131eec1a865) Authored-by: Stefan Krah <skrah@bytereef.org>
* bpo-39382: Avoid dangling object use in abstract_issubclass() (GH-18530)Miss Islington (bot)2020-02-221-3/+9
| | | | | | | Hold reference of __bases__ tuple until tuple item is done with, because by dropping the reference the item may be destroyed. (cherry picked from commit 1c56f8ffad44478b4214a2bf8eb7cf51c28a347a) Co-authored-by: Yonatan Goldschmidt <yon.goldschmidt@gmail.com>
* [3.8] bpo-39453: Fix contains method of list to hold strong references ↵Miss Islington (bot)2020-02-171-3/+7
| | | | | | | (GH-18204) (cherry picked from commit f64abd10563c25a94011f9e3335fd8a1cf47c205) Co-authored-by: Dong-hee Na <donghee.na92@gmail.com>
* bpo-39606: allow closing async generators that are already closed (GH-18475) ↵Nathaniel J. Smith2020-02-131-2/+9
| | | | | | | | | | | | | | | | (GH-18502) The fix for [bpo-39386](https://bugs.python.org/issue39386) attempted to make it so you couldn't reuse a agen.aclose() coroutine object. It accidentally also prevented you from calling aclose() at all on an async generator that was already closed or exhausted. This commit fixes it so we're only blocking the actually illegal cases, while allowing the legal cases. The new tests failed before this patch. Also confirmed that this fixes the test failures we were seeing in Trio with Python dev builds: https://github.com/python-trio/trio/pull/1396 https://bugs.python.org/issue39606 (cherry picked from commit 925dc7fb1d0db85dc137afa4cd14211bf0d67414)
* Fixes in sorting descriptions (GH-18317)Miss Islington (bot)2020-02-041-8/+8
| | | | | | | | Improvements in listsort.txt and a comment in sortperf.py. Automerge-Triggered-By: @csabella (cherry picked from commit 24e5ad4689de9adc8e4a7d8c08fe400dcea668e6) Co-authored-by: Stefan Pochmann <stefan.pochmann@gmail.com>
* bpo-39425: Fix list.count performance regression (GH-18119) (GH-18121)Miss Islington (bot)2020-01-221-0/+4
| | | | | | | | | | | https://bugs.python.org/issue39425 Automerge-Triggered-By: @pablogsal (cherry picked from commit 14d80d0b605d8b148e14458e4c1853a940071462) Co-authored-by: Dong-hee Na <donghee.na92@gmail.com> Co-authored-by: Dong-hee Na <donghee.na92@gmail.com>
* bpo-39386: Prevent double awaiting of async iterator (GH-18081)Miss Islington (bot)2020-01-201-4/+12
| | | | | (cherry picked from commit a96e06db77dcbd3433d39761ddb4615d7d96284a) Co-authored-by: Andrew Svetlov <andrew.svetlov@gmail.com>
* bpo-38400 Don't check for NULL linked list pointers in _PyObject_IsFreed ↵Miss Islington (bot)2020-01-191-1/+4
| | | | | | | | | | | | (GH-16630) Some objects like Py_None are not initialized with conventional means that prepare the circular linked list pointers, leaving them unlinked from the rest of the objects. For those objects, NULL pointers does not mean that they are freed, so we need to skip the check in those cases. (cherry picked from commit 36e33c360ed7716a2b5ab2b53210da81f8ce1295) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* [3.7] bpo-38588: Fix possible crashes in dict and list when calling P… ↵Dong-hee Na2019-12-312-0/+12
| | | | | | | | | | | | | | | | | | | | (GH-17765) * [3.7] bpo-38588: Fix possible crashes in dict and list when calling PyObject_RichCompareBool (GH-17734) Take strong references before calling PyObject_RichCompareBool to protect against the case where the object dies during the call.. (cherry picked from commit 2d5bf568eaa5059402ccce9ba5a366986ba27c8a) Co-authored-by: Dong-hee Na <donghee.na92@gmail.com> * methane's suggestion methane's suggestion Co-Authored-By: Inada Naoki <songofacandy@gmail.com> Co-authored-by: Inada Naoki <songofacandy@gmail.com>
* [3.7] bpo-38610: Fix possible crashes in several list methods (GH-17022) ↵Pablo Galindo2019-12-301-3/+12
| | | | | | | | | | | (GH-17759) Hold strong references to list elements while calling PyObject_RichCompareBool().. (cherry picked from commit d9e561d23d994e3ed15f4fcbd7ee5c8fe50f190b) Co-authored-by: Zackery Spytz <zspytz@gmail.com> Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* closes bpo-30364: Replace deprecated no_address_safety_analysis attribute. ↵Miss Islington (bot)2019-12-271-7/+7
| | | | | | | (GH-17702) (cherry picked from commit c0052f3fe3d19820b2d4f76e383035439affe32c) Co-authored-by: Batuhan Taşkaya <47358913+isidentical@users.noreply.github.com>
* bpo-35409: Ignore GeneratorExit in async_gen_athrow_throw (GH-14755)Miss Islington (bot)2019-11-191-0/+11
| | | | | | | | Ignore `GeneratorExit` exceptions when throwing an exception into the `aclose` coroutine of an asynchronous generator. https://bugs.python.org/issue35409 (cherry picked from commit 8e0de2a4808d7c2f4adedabff89ee64e0338790a) Co-authored-by: Vincent Michel <vxgmichel@gmail.com>
* [3.7] bpo-38395: Fix ownership in weakref.proxy methods (GH-16632) (GH-16663)Pablo Galindo2019-10-111-31/+91
| | | | | | | | | | | | | | | | | | | | | | The implementation of weakref.proxy's methods call back into the Python API using a borrowed references of the weakly referenced object (acquired via PyWeakref_GET_OBJECT). This API call may delete the last reference to the object (either directly or via GC), leaving a dangling pointer, which can be subsequently dereferenced. To fix this, claim a temporary ownership of the referenced object when calling the appropriate method. Some functions because at the moment they do not need to access the borrowed referent, but to protect against future changes to these functions, ownership need to be fixed in all potentially affected methods.. (cherry picked from commit 10cd00a9e3c22af37c748ea5a417f6fb66601e21) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com> https://bugs.python.org/issue38395
* [3.7] bpo-38409: Fix grammar in str.strip() docstring (GH-16682) (GH-16686)Zachary Ware2019-10-092-4/+4
| | | (cherry picked from commit 09895c27cd8ff60563a794016e8c099bc897cc74)
* bpo-38383: Fix possible integer overflow in startswith() of bytes and ↵Miss Islington (bot)2019-10-061-1/+1
| | | | | | | bytearray. (GH-16603) (cherry picked from commit 24ddd9c2d6ab61cbce7e68d6de36d4df9bd2c3fb) Co-authored-by: Hai Shi <shihai1992@gmail.com>
* bpo-38013: make async_generator_athrow object tolerant to throwing ↵Miss Islington (bot)2019-09-171-5/+0
| | | | | | | | | | | | | exceptions (GH-16070) Even when the helper is not started yet. This behavior follows conventional generator one. There is no reason for `async_generator_athrow` to handle `gen.throw()` differently. https://bugs.python.org/issue38013 (cherry picked from commit c275312a6284bd319ea33c9abd7e15c230eca43f) Co-authored-by: Andrew Svetlov <andrew.svetlov@gmail.com>
* bpo-38096: Complete the "structseq" and "named tuple" cleanup (GH-16010) ↵Miss Islington (bot)2019-09-121-2/+8
| | | | | | | (GH-16063) (cherry picked from commit 4210ad5ebd5769f585035e022876e161cd0e9a3e) Co-authored-by: Raymond Hettinger <rhettinger@users.noreply.github.com>
* bpo-38096: Clean up the "struct sequence" / "named tuple" docs (GH-15895) ↵Paul Ganssle2019-09-122-2/+2
| | | | (GH-15962)
* Fix typo in dict object comment (GH-15814)Miss Islington (bot)2019-09-101-1/+1
| | | | | (cherry picked from commit 359143c68659d165f52320d368667e0eff279dc5) Co-authored-by: dalgarno <32097481+dalgarno@users.noreply.github.com>
* bpo-36946:Fix possible signed integer overflow when handling slices. (GH-15639)Miss Islington (bot)2019-09-081-2/+4
| | | | | | This is a complement to PR 13375. (cherry picked from commit 3c87a667bb367ace1de6bd1577fdb4f66947da52) Co-authored-by: HongWeipeng <hongweichen8888@sina.com>
* bpo-36311: Fixes decoding multibyte characters around chunk boundaries and ↵Miss Islington (bot)2019-08-211-6/+10
| | | | | | | improves decoding performance (GH-15083) (cherry picked from commit 7ebdda0dbee7df6f0c945a7e1e623e47676e112d) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-37732: Fix GCC warning in _PyObject_Malloc() (GH-15333) (GH-15342) ↵Victor Stinner2019-08-201-15/+13
| | | | | | | | | | | | (GH-15343) pymalloc_alloc() now returns directly the pointer, return NULL on memory allocation error. allocate_from_new_pool() already uses NULL as marker for "allocation failed". (cherry picked from commit 18f8dcfa10d8a858b152d12a9ad8fa83b7e967f0) (cherry picked from commit 30e5aff5fb0e3841107ddd4539a1f5b8521c80fb)
* bpo-37681: no_sanitize_thread support from GCC 5.1 (GH-15096)Miss Islington (bot)2019-08-141-2/+2
| | | | | | | Fix the following warning with GCC 4.8.5: Objects/obmalloc.c: warning: ‘no_sanitize_thread’ attribute directive ignored (cherry picked from commit 7e479c82218450255572e3f5fa1549dc283901ea) Co-authored-by: Hai Shi <shihai1992@gmail.com>
* bpo-37417: Fix error handling in bytearray.extend. (GH-14407)Miss Islington (bot)2019-06-261-0/+4
| | | | | (cherry picked from commit 2a7d596f27b2342caf168a03c95ebf3b56e5dbbd) Co-authored-by: Brandt Bucher <brandtbucher@gmail.com>
* [3.7] bpo-24214: Fixed the UTF-8 and UTF-16 incremental decoders. (GH-14304) ↵Miss Islington (bot)2019-06-252-6/+10
| | | | | | | | | | | | | (GH-14369) * bpo-24214: Fixed the UTF-8 and UTF-16 incremental decoders. (GH-14304) * The UTF-8 incremental decoders fails now fast if encounter a sequence that can't be handled by the error handler. * The UTF-16 incremental decoders with the surrogatepass error handler decodes now a lone low surrogate with final=False. (cherry picked from commit 894263ba80af4b7733c2df95b527e96953922656) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* [3.7] bpo-37219: Remove erroneous optimization for differencing an empty set ↵Raymond Hettinger2019-06-111-8/+0
| | | | | | (GH-13965) (GH-13968)
* [3.7] bpo-37170: Fix the cast on error in PyLong_AsUnsignedLongLongMask() ↵Zackery Spytz2019-06-071-2/+2
| | | | | | | (GH-13860) (GH-13896) (cherry picked from commit dc2476500d91082f0c907772c83a044bf49af279) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.7] Fix a possible crash due to PyType_FromSpecWithBases() (GH-10304) ↵Petr Viktorin2019-05-291-0/+1
| | | | | | | | | (GH-13495) If the PyObject_MALLOC() call failed in PyType_FromSpecWithBases(), PyObject_Free() would be called on a static string in type_dealloc(). (cherry picked from commit 0613c1e481440aa8f54ba7f6056924c175fbcc13) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo-26423: Fix possible overflow in wrap_lenfunc() (GH-13606)Miss Islington (bot)2019-05-281-1/+1
| | | | | | | Fix possible overflow in wrap_lenfunc() when sizeof(long) < sizeof(Py_ssize_t) (e.g., 64-bit Windows). (cherry picked from commit 05f16416d99dc9fc76fef11e56f16593e7a5955e) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.7] bpo-28866: No type cache for types with specialized mro, invalidation ↵Miss Islington (bot)2019-05-261-8/+30
| | | | | | | | | | | | | | | | | | | | | | | | is hard. (GH-13157) (GH-13589) * No type cache for types with specialized mro, invalidation is hard. * FIX: Don't disable method cache custom types that do not implement mro(). * fixing implem. * Avoid storing error flags, also decref. * news entry * Clear as soon as we're getting an error. * FIX: Reference leak. (cherry picked from commit 180dc1b0f4a57c3f66351568ae8488fa8576d7f0) Co-authored-by: Julien Palard <julien@palard.fr> https://bugs.python.org/issue28866
* bpo-27987: pymalloc: align by 16bytes on 64bit platform (GH-12850)Miss Islington (bot)2019-05-251-0/+6
| | | | | (cherry picked from commit f0be4bbb9b3cee876249c23f2ae6f38f43fa7495) Co-authored-by: Inada Naoki <songofacandy@gmail.com>
* bpo-35091: Objects/listobject.c: Replace overflow checks in gallop fu… ↵Miss Islington (bot)2019-05-231-8/+4
| | | | | | | | | | | | | | | (GH-10202) …nctions with asserts The actual overflow can never happen because of the following: * The size of a list can't be greater than PY_SSIZE_T_MAX / sizeof(PyObject*). * The size of a pointer on all supported plaftorms is at least 4 bytes. * ofs is positive and less than the list size at the beginning of each iteration. https://bugs.python.org/issue35091 (cherry picked from commit 6bc5917903b722bdd0e5d3020949f26fec5dfe9a) Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
* bpo-36907: fix refcount bug in _PyStack_UnpackDict() (GH-13381) (GH-13493)Jeroen Demeyer2019-05-221-5/+12
|
* closes bpo-36951: Correct some types in the type_members struct in ↵Miss Islington (bot)2019-05-201-3/+3
| | | | | | | typeobject.c. (GH-13403) (cherry picked from commit 53d378c81286644138415cb56da52a7351e1a477) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.7] Fix typo in _PyMethodDef_RawFastCallKeywords error message (GH-13343) ↵Stéphane Wirtel2019-05-171-1/+1
| | | | | | | (GH-13385) (cherry picked from commit a8b46944d72bba6dc76260ed61da5c78d3f9d9c0) Co-authored-by: Jeroen Demeyer <J.Demeyer@UGent.be>
* bpo-36946: Fix possible signed integer overflow when handling slices. (GH-13375)Miss Islington (bot)2019-05-174-4/+8
| | | | | | | | | | The final addition (cur += step) may overflow, so use size_t for "cur". "cur" is always positive (even for negative steps), so it is safe to use size_t here. Co-Authored-By: Martin Panter <vadmium+py@gmail.com> (cherry picked from commit 14514d9084a40f599c57da853a305aa264562a43) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo:34848 : Correct an incorrect docstring for range().index method (GH-9877)Miss Islington (bot)2019-05-031-1/+1
| | | | | (cherry picked from commit 22c526394b2ef51b985873ddbfbcc32c16411919) Co-authored-by: Srinivas Reddy Thatiparthy (శ్రీనివాస్ రెడ్డి తాటిపర్తి) <thatiparthysreenivas@gmail.com>
* bpo-36745: Fix a possible reference leak in PyObject_SetAttr() (GH-12993)Miss Islington (bot)2019-04-281-1/+3
| | | | | | https://bugs.python.org/issue36745 (cherry picked from commit e0dcb85b7d64153d1741698c04a6736c9669603a) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.7] bpo-36389: _PyObject_IsFreed() now also detects uninitialized memory ↵Victor Stinner2019-04-112-33/+18
| | | | | | | | | | | | | | | | | | | | | | | | (GH-12770) (GH-12788) * bpo-36389: _PyObject_IsFreed() now also detects uninitialized memory (GH-12770) Replace _PyMem_IsFreed() function with _PyMem_IsPtrFreed() inline function. The function is now way more efficient, it became a simple comparison on integers, rather than a short loop. It detects also uninitialized bytes and "forbidden bytes" filled by debug hooks on memory allocators. Add unit tests on _PyObject_IsFreed(). (cherry picked from commit 2b00db68554422ec37faba2a80179a0172df6349) * bpo-36389: Change PyMem_SetupDebugHooks() constants (GH-12782) Modify CLEANBYTE, DEADDYTE and FORBIDDENBYTE constants: use 0xCD, 0xDD and 0xFD, rather than 0xCB, 0xBB and 0xFB, to use the same byte patterns than Windows CRT debug malloc() and free(). (cherry picked from commit 4c409beb4c360a73d054f37807d3daad58d1b567)
* bpo-24214: Fixed the UTF-8 incremental decoder. (GH-12603) (GH-12627)Miss Islington (bot)2019-03-301-0/+3
| | | | | | | The bug occurred when the encoded surrogate character is passed to the incremental decoder in two chunks. (cherry picked from commit 7a465cb5ee7e298cae626ace1fc3e7d97df79f2e) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* bpo-36433: fix confusing error messages in classmethoddescr_call (GH-12556)Miss Islington (bot)2019-03-261-6/+4
| | | | | | https://bugs.python.org/issue36433 (cherry picked from commit 871309c775fd4d72048bfaa31affd54f9934f7dd) Co-authored-by: Inada Naoki <songofacandy@gmail.com>
* bpo-36218: Fix handling of heterogeneous values in list.sort (GH-12209) ↵Miss Islington (bot)2019-03-251-11/+22
| | | | | | | GH-12532) (cherry picked from commit dd5417afcf8924bcdd7077351941ad21727ef644) Co-authored-by: Rémi Lapeyre <remi.lapeyre@henki.fr>
generated by cgit v0.12 at 2025-12-29 11:30:49 (GMT)