From 346c5de08e92001f0b26b4d07d8f2a22a21d2f1e Mon Sep 17 00:00:00 2001
From: Florent Xicluna <florent.xicluna@gmail.com>
Date: Wed, 23 May 2012 17:42:50 +0200
Subject: Remove duplicate entries in Misc/NEWS.

---
 Misc/NEWS | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/Misc/NEWS b/Misc/NEWS
index d435b19..7ed8f15 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -287,26 +287,6 @@ Tools/Demos
   Tools/parser/unparse.py.
 
 
-What's New in Python 3.2.3 release candidate 2?
-===============================================
-
-*Release date: XX-Mar-2012*
-
-Library
--------
-
-- Issue #6884: Fix long-standing bugs with MANIFEST.in parsing in distutils
-  on Windows.
-
-Extension Modules
------------------
-
-- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
-  table internal to the pyexpat module's copy of the expat library to avoid a
-  denial of service due to hash collisions.  Patch by David Malcolm with some
-  modifications by the expat project.
-
-
 What's New in Python 3.2.3?
 ===========================
 
-- 
cgit v0.12


From 2fc5a5080923f243a78b13cca0fd09f8db26eff6 Mon Sep 17 00:00:00 2001
From: Senthil Kumaran <senthil@uthcode.com>
Date: Thu, 24 May 2012 21:56:17 +0800
Subject: Issue #14036: return None when port in urlparse cross 65535

---
 Lib/test/test_urlparse.py | 5 +++++
 Lib/urllib/parse.py       | 3 +++
 Misc/NEWS                 | 3 +++
 3 files changed, 11 insertions(+)

diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
index 73150cf..e9adaef 100755
--- a/Lib/test/test_urlparse.py
+++ b/Lib/test/test_urlparse.py
@@ -524,6 +524,11 @@ class UrlParseTestCase(unittest.TestCase):
         self.assertEqual(p.port, 80)
         self.assertEqual(p.geturl(), url)
 
+        # Verify an illegal port is returned as None
+        url = b"HTTP://WWW.PYTHON.ORG:65536/doc/#frag"
+        p = urllib.parse.urlsplit(url)
+        self.assertEqual(p.port, None)
+
     def test_attributes_bad_port(self):
         """Check handling of non-integer ports."""
         p = urllib.parse.urlsplit("http://www.example.net:foo")
diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py
index 92170ad..528c0a7 100644
--- a/Lib/urllib/parse.py
+++ b/Lib/urllib/parse.py
@@ -143,6 +143,9 @@ class _NetlocResultMixinBase(object):
         port = self._hostinfo[1]
         if port is not None:
             port = int(port, 10)
+            # Return None on an illegal port
+            if not ( 0 <= port <= 65535):
+                return None
         return port
 
 
diff --git a/Misc/NEWS b/Misc/NEWS
index 7ed8f15..d9b8b5c 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -67,6 +67,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #14036: Add an additional check to validate that port in urlparse does
+  not go in illegal range and returns None.
+
 - Issue #14875: Use float('inf') instead of float('1e66666') in the json module.
 
 - Issue #14426: Correct the Date format in Expires attribute of Set-Cookie
-- 
cgit v0.12