[issue43471] Fails to import bz2 on Ubuntu

[Eric V. Smith]

Eric V. Smith  added the comment:

You're probably missing needed dependencies. For example, see 
https://stackoverflow.com/questions/12806122/missing-python-bz2-module

If you look at the output of make, you should be able to see that _bz2 wasn't 
built.

--
nosy: +eric.smith

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43471] Fails to import bz2 on Ubuntu

[Xinmeng Xia]

New submission from Xinmeng Xia :

Module bz2 fails to be imported on Ubuntu due to lack of '_bz2'.  We try 
"import bz2" on Mac, it can work well.

Errors on Ubuntu
==
>>import bz2
Traceback (most recent call last):
  File "/home/xxm/Desktop/apifuzz/doc/genDoc.py", line 97, in 
   exec(compile(mstr,'','exec'))
  File "", line 1, in 
   File "/home/xxm/Desktop/apifuzz/Python-3.9.2/Lib/bz2.py", line 18, 
in 
from _bz2 import BZ2Compressor, BZ2Decompressor
ModuleNotFoundError: No module named '_bz2'
===

Python version: 3.9.2
Python installation: (1). download source code from python.org, (2). run 
command "./configure; sudo make; sudo make install.

We install the same Python 3.9.2 in a same way on Mac and Ubuntu.

--
components: Library (Lib)
messages: 388483
nosy: xxm
priority: normal
severity: normal
status: open
title: Fails to import bz2 on Ubuntu
type: behavior
versions: Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43470] Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3

[Xinmeng Xia]

New submission from Xinmeng Xia :

Installation of latest Python 3.6.13 fails on MacOS Big Sur 11.2.3. The source 
code is downloaded from python.org. Then we try to install it by commands 
"./configure;sudo make;sudo make install". However the installation  crashes.

The installation succeeds on Ubuntu.

Crash information:
==
>>./configure
>>sudo make
gcc -c -Wno-unused-result -Wsign-compare -Wunreachable-code -DNDEBUG -g -fwrapv 
-O3 -Wall-std=c99 -Wextra -Wno-unused-result -Wno-unused-parameter 
-Wno-missing-field-initializers -Wstrict-prototypes   -I. -I./Include
-DPy_BUILD_CORE -o Programs/python.o ./Programs/python.c
.
t -Wno-unused-parameter -Wno-missing-field-initializers -Wstrict-prototypes   
-I. -I./Include-DPy_BUILD_CORE  -c ./Modules/posixmodule.c -o 
Modules/posixmodule.o
./Modules/posixmodule.c:8210:15: error: implicit declaration of function 
'sendfile' is invalid in C99
  [-Werror,-Wimplicit-function-declaration]
ret = sendfile(in, out, offset, , , flags);
  ^
./Modules/posixmodule.c:10432:5: warning: code will never be executed 
[-Wunreachable-code]
Py_FatalError("abort() called from Python code didn't abort!");
^
1 warning and 1 error generated.
make: *** [Modules/posixmodule.o] Error 1


--
components: Installation
messages: 388482
nosy: xxm
priority: normal
severity: normal
status: open
title: Installation of Python 3.6.13 fails on MacOS Big Sur 11.2.3
type: crash
versions: Python 3.6

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43469] Python 3.6 fails to run on MacOS (Big Sur 11.2.3)

[Xinmeng Xia]

New submission from Xinmeng Xia :

Python 3.6 can work well on old version of MacOS. When I upgrade MacOS to the 
latest version Big Sur 11.2.3. Python 3.6 fails to start and crashes. Python 
3.7, 3.8, 3.9 can perform well on the new version MacOS Big Sur 11.2.3. The 
crash information attached as follows:

Crash information
==
>>python3.6
dyld: Library not loaded: 
/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
  Referenced from: 
/Library/Frameworks/Python.framework/Versions/3.6/Resources/Python.app/Contents/MacOS/Python
  Reason: image not found
Abort trap: 6
==

--
components: macOS
messages: 388481
nosy: ned.deily, ronaldoussoren, xxm
priority: normal
severity: normal
status: open
title: Python 3.6 fails to run on MacOS (Big Sur 11.2.3)
type: crash
versions: Python 3.6

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43468] functools.cached_property locking is plain wrong.

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +rhettinger

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43468] functools.cached_property locking is plain wrong.

[Antti Haapala]

New submission from Antti Haapala :

The locking on functools.cached_property 
(https://github.com/python/cpython/blob/87f649a409da9d99682e78a55a83fc43225a8729/Lib/functools.py#L934)
 as it was written is completely undesirable for I/O bound values, parallel 
processing. Instead of protecting the calculation of cached property to the 
same instance in two threads, it completely blocks parallel calculations of 
cached values to *distinct instances* of the same class. 

Here's the code of __get__ in cached_property:

def __get__(self, instance, owner=None):
if instance is None:
return self
if self.attrname is None:
raise TypeError(
"Cannot use cached_property instance without calling 
__set_name__ on it.")
try:
cache = instance.__dict__
except AttributeError:  # not all objects have __dict__ (e.g. class 
defines slots)
msg = (
f"No '__dict__' attribute on {type(instance).__name__!r} "
f"instance to cache {self.attrname!r} property."
)
raise TypeError(msg) from None
val = cache.get(self.attrname, _NOT_FOUND)
if val is _NOT_FOUND:
with self.lock:
# check if another thread filled cache while we awaited lock
val = cache.get(self.attrname, _NOT_FOUND)
if val is _NOT_FOUND:
val = self.func(instance)
try:
cache[self.attrname] = val
except TypeError:
msg = (
f"The '__dict__' attribute on 
{type(instance).__name__!r} instance "
f"does not support item assignment for caching 
{self.attrname!r} property."
)
raise TypeError(msg) from None
return val


I noticed this because I was recommending that Pyramid web framework deprecate 
its much simpler 
[`reify`](https://docs.pylonsproject.org/projects/pyramid/en/latest/_modules/pyramid/decorator.html#reify)
 decorator in favour of using `cached_property`, and then noticed why it won't 
do.


Here is the test case for cached_property:

from functools import cached_property
from threading import Thread
from random import randint
import time



class Spam:
@cached_property
def ham(self):
print(f'Calculating amount of ham in {self}')
time.sleep(10)
return randint(0, 100)


def bacon():
spam = Spam()
print(f'The amount of ham in {spam} is {spam.ham}')


start = time.time()
threads = []
for _ in range(3):
t = Thread(target=bacon)
threads.append(t)
t.start()

for t in threads:
t.join()

print(f'Total running time was {time.time() - start}')


Calculating amount of ham in <__main__.Spam object at 0x7fa50bcaa220>
The amount of ham in <__main__.Spam object at 0x7fa50bcaa220> is 97
Calculating amount of ham in <__main__.Spam object at 0x7fa50bcaa4f0>
The amount of ham in <__main__.Spam object at 0x7fa50bcaa4f0> is 8
Calculating amount of ham in <__main__.Spam object at 0x7fa50bcaa7c0>
The amount of ham in <__main__.Spam object at 0x7fa50bcaa7c0> is 53
Total running time was 30.02147102355957


The runtime is 30 seconds; for `pyramid.decorator.reify` the runtime would be 
10 seconds:

Calculating amount of ham in <__main__.Spam object at 0x7fc4d8272430>
Calculating amount of ham in <__main__.Spam object at 0x7fc4d82726d0>
Calculating amount of ham in <__main__.Spam object at 0x7fc4d8272970>
The amount of ham in <__main__.Spam object at 0x7fc4d82726d0> is 94
The amount of ham in <__main__.Spam object at 0x7fc4d8272970> is 29
The amount of ham in <__main__.Spam object at 0x7fc4d8272430> is 93
Total running time was 10.010624170303345

`reify` in Pyramid is used heavily to add properties to incoming HTTP request 
objects - using `functools.cached_property` instead would mean that each 
independent request thread blocks others because most of them would always get 
the value for the same lazy property using the the same descriptor instance and 
locking the same lock.

--
components: Library (Lib)
messages: 388480
nosy: ztane
priority: normal
severity: normal
status: open
title: functools.cached_property locking is plain wrong.
type: resource usage
versions: Python 3.10, Python 3.8, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

[Lumír Balhar]

Change by Lumír Balhar :


--
nosy: +frenzy

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1207613] Idle Editor: Bottom Scroll Bar

[Terry J. Reedy]

Terry J. Reedy  added the comment:

Request in #43467 closed as duplicate of this.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43467] IDLE: horizontal scrollbar

[Terry J. Reedy]

Terry J. Reedy  added the comment:

This has been debated for 15 years see #1207613.  The current patch, which only 
displays a scrollbar when needed, 'works', but in a way that is not visually 
acceptable.

--
resolution:  -> duplicate
stage:  -> resolved
status: open -> closed
superseder:  -> Idle Editor: Bottom Scroll Bar

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43420] Optimize rational arithmetics

[Tim Peters]

Tim Peters  added the comment:

Issue 21922 lists several concerns, and best I know they all still apply. As a 
practical matter, I expect the vast bulk of core Python developers would reject 
a change that sped large int basic arithmetic by a factor of a billion if it 
slowed down basic arithmetic on native machine-size ints by even half a percent.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43438] [doc] sys.addaudithook() documentation should be more explicit on its limitations

[Saiyang Gou]

Saiyang Gou  added the comment:

We understand that audit hooks should not be used to build a sandbox with 
Python. It is natural for audit hooks to appear in CTF challenges though, as 
many CTF challenges intentionally try to use a wrong way to secure a system 
(and let players prove it wrong).

With that being said, audit hooks should still be robust, even for logging 
purposes. We are no trying to prevent all kinds of malicious behaviors, but we 
want to detect them *as much as possible*. If audit hooks can be easily removed 
while triggering very few seemingly non-sensitive audit events (in this CTF 
challenge, only "import gc" is triggered, which probably looks "no so 
suspicious"), this allows attackers to hide details of further malicious 
behavior without being audited, which violated the motivation of audit hooks 
(to increase security transparency).

The recent gc patch introduced new events which will make the attack in that 
CTF challenge look more suspicious. But probably it is still better to harden 
the current data structure used to store per interpreter audit hooks. If an 
attacker happens to gain a reference to the list holding the hooks (although 
I'm not sure how that will still be possible without using `gc`), they can 
easily remove the hooks at the Python language level. Probably a Python tuple 
is already better than a Python list to store the hooks, since tuples are 
immutable at the language level. Although that means we should build new a 
tuple each time a new hook is added.

If the hook itself is fragile (e.g. a hook written in Python which relies on 
global variables), it is a user fault. But if the hook function itself is good, 
it shouldn't be too easy to remove. Any successful attempts to remove the hook 
must have already "pwned" the Python interpreter (i.e. gained arbitrary memory 
read/write or native code execution ability), either by using ctypes, by 
open('/proc/self/mem'), by crafting bytecode (which triggers code.__new__) or 
importing modules written in native code. (Overwriting hook.__code__ triggers 
object.__setattr__.)

--
nosy: +gousaiyang

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43467] IDLE: horizontal scrollbar

[David E. Franco G.]

David E. Franco G.  added the comment:

How is that clutter?
Even the most basic text editor (window notepad) have it, and knowing that 
yours or whoever code you are looking at extend horizontally beyond the size of 
your current windows size is a relevant information.

--
Added file: https://bugs.python.org/file49868/scroll bar notepd.PNG

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43467] IDLE: horizontal scrollbar

[Raymond Hettinger]

Raymond Hettinger  added the comment:

FWIW, I think IDLE is better-off without a horizontal scroll bar.

For teaching purposes, it's valuable to a screen that focuses on content and is 
devoid of clutter.

--
nosy: +rhettinger

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43454] [sqlite3] Add support for R*Tree callbacks

[Erlend Egeberg Aasland]

Erlend Egeberg Aasland  added the comment:

Test run output (see attached test file):

$ ./python.exe test_rtree.py
ARGS: ((-80.77490234375, -80.77469635009766, 35.377593994140625, 
35.377803802490234), (45.3, 22.9, 5.0))
KWARGS: {'num_queued': [0, 1], 'context': None, 'level': 0, 'max_level': 1, 
'rowid': 1, 'parent_score': 0.0, 'parent_visibility': 1}
ARGS: ((-81.0, -79.584741211, 35.0, 36.2076293945), (45.3, 22.9, 5.0))
KWARGS: {'num_queued': [1, 1], 'context': ['stuff'], 'level': 0, 'max_level': 
1, 'rowid': 2, 'parent_score': 0.0, 'parent_visibility': 1}

--
Added file: https://bugs.python.org/file49867/test_rtree.py

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43454] [sqlite3] Add support for R*Tree callbacks

[Erlend Egeberg Aasland]

Erlend Egeberg Aasland  added the comment:

FYI, PoC patch attached. Lacks tests and some #ifdefs. Let me know if I should 
create a PR out of it.

--
keywords: +patch
Added file: https://bugs.python.org/file49866/patch.diff

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Pablo Galindo Salgado]

Pablo Galindo Salgado  added the comment:

> The problem is that some features are not baked into the .a files. 

Oh, I see. So when using modern versions of openssl what shared objects do we 
expect to be in the NEEDED section? Right now, I see this in python3.8 in 
Ubuntu with OpenSSL 1.1.1:

❯ ldd /usr/lib/python3.8/lib-dynload/_ssl.cpython-38-x86_64-linux-gnu.so
linux-vdso.so.1 (0x7ffcf71ef000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 
(0x7fe8782b6000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 
(0x7fe877deb000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7fe877bcc000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7fe8777db000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7fe8775d7000)
/lib64/ld-linux-x86-64.so.2 (0x7fe87876e000)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Christian Heimes]

Christian Heimes  added the comment:

> Not sure I follow. What's the problem here? The advantage of static linking 
> here will be to not have a dependency on the shared object, which can be 
> quite beneficial.

The problem is that some features are not baked into the .a files. They are 
always provided as shared libraries. This included OpenSSL engine extensions 
such as AFALG engine or external engines like p11-kit, OpenSC, or others. 
OpenSSL 3.0.0 moves some features into external OSSL provider libraries, for 
example legacy crypto algorithms. I have not figured out how much functionality 
we woud loose without engines and external OSSL providers. 
https://www.openssl.org/docs/manmaster/man3/OSSL_PROVIDER.html
# 3.0.0 alpha build:
$ find -name '*.so'
./engines-3/padlock.so
./engines-3/capi.so
./engines-3/afalg.so
./ossl-modules/fips.so
./ossl-modules/legacy.so
./libssl.so
./libcrypto.so

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Pablo Galindo Salgado]

Pablo Galindo Salgado  added the comment:

Note that I am not proposing to statically link the extensions into the core, I 
am proposing to statically link openssl into the extensions, so the symbols are 
in the text segment of the extension.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43467] IDLE: horizontal scrollbar

[David E. Franco G.]

New submission from David E. Franco G. :

I noticed that the horizontal scroll bar is missing, I think it was present in 
previous version, regardless it would be nice if its be present.

Thanks.

--
assignee: terry.reedy
components: IDLE
files: no scroll bar.PNG
messages: 388469
nosy: David E. Franco G., terry.reedy
priority: normal
severity: normal
status: open
title: IDLE: horizontal scrollbar
type: enhancement
versions: Python 3.8, Python 3.9
Added file: https://bugs.python.org/file49865/no scroll bar.PNG

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Pablo Galindo Salgado]

Pablo Galindo Salgado  added the comment:

> OpenSSL uses dynamic linking by default.

As long as OpenSSL provide a .a file (they do) you can always static link. That 
is a decision of how you integrate the library.

>  Static linking is problematic for dynamic engine support.

Not sure I follow. What's the problem here? The advantage of static linking 
here will be to not have a dependency on the shared object, which can be quite 
beneficial.


> Dynamic linked OpenSSL has a major benefit: It allows users to update OpenSSL 
> without re-compiling Python.

Yeah, I agree. That's what should always be the default. But there are still 
advantages regarding static linking.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Christian Heimes]

Christian Heimes  added the comment:

I would rather not support static linking.

OpenSSL uses dynamic linking by default. Static linking is problematic for 
dynamic engine support. This is going to become an even bigger issue with OSSL 
providers in OpenSSL 3.0.0. I don't know yet how well OpenSSL 3.0.0 will 
support static linking.

Our macOS and Windows builds are now dynamically linked, too. At least Windows 
builds used to be statically linked.

Dynamic linked OpenSSL has a major benefit: It allows users to update OpenSSL 
without re-compiling Python.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Christian Heimes]

Christian Heimes  added the comment:

$ tar -xzf openssl-1.1.1j.tar.gz
$ pushd openssl-1.1.1j
$ ./config \
--prefix=/home/heimes/dev/python/custom-openssl \
--openssldir=\
$(find /etc/ -name openssl.cnf -quit -printf "%h" 2>/dev/null)
$ make
$ make install_sw
$ popd

$ pushd cpython
$ ./configure \
--with-openssl=/home/heimes/dev/python/custom-openssl \
--with-openssl-rpath=auto
$ make
$ ldd build/lib.linux-x86_64-3.10/_ssl.cpython-310-x86_64-linux-gnu.so 
linux-vdso.so.1 (0x7ffde07bc000)
libssl.so.1.1 => 
/home/heimes/dev/python/custom-openssl/lib/libssl.so.1.1 (0x7f937493a000)
libcrypto.so.1.1 => 
/home/heimes/dev/python/custom-openssl/lib/libcrypto.so.1.1 (0x7f937465a000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x7f9374608000)
libc.so.6 => /lib64/libc.so.6 (0x7f937443d000)
libdl.so.2 => /lib64/libdl.so.2 (0x7f9374436000)
/lib64/ld-linux-x86-64.so.2 (0x7f93749ff000)
$ ./python
>>> import ssl
>>> ssl.OPENSSL_VERSION
'OpenSSL 1.1.1j  16 Feb 2021'
>>> import urllib.request
>>> r = urllib.request.urlopen("https://www.python.org;)
   ^^^ No cert validation error!

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Pablo Galindo Salgado]

Pablo Galindo Salgado  added the comment:

I have a suggestion (I am ok with also doing both). We should add also a flag 
that allows to statically compile openssl into the extension modules (if the .a 
are available) so there will be no shared object dependency. This allows us to 
have artifacts that are more self contained (regarding OpenSSL), partially 
eliminating the problem.

We could also go a step ahead and also hide the OpenSSL symbols from the 
dynamic table, so they don't collide if another shared object is already loaded 
in the future.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue38671] pathlib.Path.resolve(strict=False) returns relative path on Windows if the entry does not exist

[Eryk Sun]

Change by Eryk Sun :


--
components: +Windows
nosy: +paul.moore, steve.dower, tim.golden, zach.ware
type:  -> behavior
versions: +Python 3.10, Python 3.9 -Python 3.6, Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Christian Heimes]

Change by Christian Heimes :


--
keywords: +patch
pull_requests: +23586
pull_request: https://github.com/python/cpython/pull/24820

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

[Christian Heimes]

New submission from Christian Heimes :

Python's configure script has the option --with-openssl. It sets a path to a 
custom OpenSSL installation. Internally it provides OPENSSL_INCLUDES, 
OPENSSL_LIBS, and OPENSSL_LDFLAGS. The setup.py script turns the variables into 
include_dirs, library_dirs, and libraries arguments for _ssl and _hashlib 
extension modules.

However neither --with-openssl nor setup.py sets a custom runtime library path 
(rpath). This makes it confusing and hard for users to use a custom OpenSSL 
installation. They need to know that a) they have to take care of rpath on the 
first place, and b) how to set an rpath at compile or runtime. Without an 
rpath, the dynamic linker either fails to locate libssl/libcrypto or load 
system-provided shared libraries. Ticket bpo-34028 contains examples of user 
issues.

I propose to include a new option to make it easier for users to use a custom 
build of OpenSSL:

--with-openssl-rpath=

no (default): don't set an rpath
auto: auto-detect rpath from OPENSSL_LDFLAGS (--with-openssl or pkg-config)
DIR: set a custom rpath

The option will only affect the rpath of _ssl and _hashlib modules. The default 
value "no" is fully backwards compatible with 3.9 and earlier.

--
assignee: christian.heimes
components: Installation, SSL
messages: 388463
nosy: barry, christian.heimes, gregory.p.smith, pablogsal
priority: normal
severity: normal
stage: patch review
status: open
title: ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL 
libs
type: enhancement
versions: Python 3.10

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43438] [doc] sys.addaudithook() documentation should be more explicit on its limitations

[Frank]

Frank  added the comment:

PEP 551 is confusing. It looked suggesting that it's a "security tool" that 
"detects, identifies and analyzes misuse of Python" to me (and apparently many 
others).

examples shown in the PEP includes WannaCrypt, APTs, all of which involves the 
good old remote code execution, which is basically a sandboxed environment it 
self, at least in some way.

also, the challenges provided the contestants with a "background story" that 
enables an attacker to execute arbitrary code doesn't mean that one HAVE to 
gain code execution to achieve the goal of bypassing the aevents. in this case, 
one only have to find the list object which contains the audit hooks 
registered, and clear it(or replace it). this clearly breaks the promise made 
in PEP 578 (Hooks cannot be removed or replaced). THIS SHOULD BE FIXED.

ALSO(again), the software is not always doing what it's designed to do. maybe, 
I mean maybe, developers should make changes according to what users are doing. 
I don't know, really.

--
nosy: +frankli

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43435] Py_BuildValue("y#".... returns incomplete result

[Christian Heimes]

Christian Heimes  added the comment:

Don't feel bad about it. Nintendo made a very similar mistake. The trucha bug 
made it trivial to bypass DRM of Wii games.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:

> Thanks, Victor! And I will independently say that my use of 
> sys.stdlib_module_names suggests the list seems accurate(and is useful)!

Well, it helps to define "what is the stdlib?" ;-)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43435] Py_BuildValue("y#".... returns incomplete result

[David Wood]

David Wood  added the comment:

Christian/Eric -

Thank you both so much for taking time on this.  Christian had pointed out the 
use of memcpy vs strncpy.  It turns out that while strncpy is designed to copy 
a specific number of chars, it turns out that it stops on null.  I did make the 
change Christian suggested however, it turns out that strncpy was also used in 
the decrypt function which was also subject to the same problem.

--
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[Brett Cannon]

Brett Cannon  added the comment:

Thanks, Victor! And I will independently say that my use of 
sys.stdlib_module_names suggests the list seems accurate(and is useful)!

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43292] xml.ElementTree iterparse filehandle left open

[Martin Panter]

Change by Martin Panter :


--
type: security -> resource usage

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43292] xml.ElementTree iterparse filehandle left open

[Martin Panter]

Martin Panter  added the comment:

Perhaps this can be handled with Issue 25707, which is open for adding an API 
to close the file, similar to how "os.scandir" iterator implements a context 
manager and "close" method.

--
nosy: +martin.panter
superseder:  -> Add the close method for ElementTree.iterparse() object

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43465] ./configure --help describes what --with-ensurepip does poorly

[David Tucker]

Change by David Tucker :


--
nosy: +tucked

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43465] ./configure --help describes what --with-ensurepip does poorly

[Enji Cooper]

New submission from Enji Cooper :

Many users are used to --without-* flags in autoconf disabling features (and 
optionally not installing them). --without-ensurepip (at face value to me) 
suggests it shouldn't be built/installed.

This comment in https://bugs.python.org/issue20417 by dstufft implies 
otherwise. From https://bugs.python.org/msg209537 :

> I don't see any reason not to install ensurepip in this situation. That flag 
> controls whether or not ``python -m ensurepip`` will be executed during the 
> install, but ensurepip itself will still be installed. It is not an optional 
> module

This isn't what "./configure --help" implies though:

```
$ git log --oneline -n 1
87f649a409 (HEAD -> master, upstream/master, origin/master, 
origin/logging-config-dictconfig-support-more-sysloghandler-options, 
origin/HEAD, logging-config-dictconfig-support-more-sysloghandler-options) 
bpo-43311: Create GIL autoTSSkey ealier (GH-24819)
$ ./configure --help

...

  --with-ensurepip[=install|upgrade|no]
  "install" or "upgrade" using bundled pip (default is
  upgrade)
$
```

The wording should be clarified to note what the flag actually does instead of 
causing [valid] confusion to end-users which might make them think that the 
ensurepip module shouldn't be installed if --without-ensurepip is specified.

--
components: Build
messages: 388456
nosy: ngie
priority: normal
severity: normal
status: open
title: ./configure --help describes what --with-ensurepip does poorly
versions: Python 3.10

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

[STINNER Victor]

STINNER Victor  added the comment:

Fedora downstream issue: https://bugzilla.redhat.com/show_bug.cgi?id=1937476

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43311] bpo-43311: PyInterpreterState_New use thread-specific data tstate before key create .

[STINNER Victor]

STINNER Victor  added the comment:

Thanks for your bug report junyixie, it should now be fixed. See bpo-40522 for 
the follow up.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43311] bpo-43311: PyInterpreterState_New use thread-specific data tstate before key create .

[STINNER Victor]

STINNER Victor  added the comment:


New changeset 87f649a409da9d99682e78a55a83fc43225a8729 by Victor Stinner in 
branch 'master':
bpo-43311: Create GIL autoTSSkey ealier (GH-24819)
https://github.com/python/cpython/commit/87f649a409da9d99682e78a55a83fc43225a8729


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

[STINNER Victor]

STINNER Victor  added the comment:

I created https://python-security.readthedocs.io/vuln/pydoc-getfile.html to 
track this vulnerability. The is no CVE section yet since the CVE is currently 
only *RESERVED*.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

[Miro Hrončok]

Miro Hrončok  added the comment:

This is now CVE-2021-3426.

--
title: [security] Information disclosure via pydoc -p: /getfile?key=path allows 
to read arbitrary file on the filesystem -> [security] CVE-2021-3426: 
Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary 
file on the filesystem

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

[Vincent]

Vincent  added the comment:

No, not hang. It returns a NoneType.

See this example:

>>> x = canvas.bbox('tunnel')
>>> type(x)

>>>

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43311] bpo-43311: PyInterpreterState_New use thread-specific data tstate before key create .

[STINNER Victor]

Change by STINNER Victor :


--
pull_requests: +23585
pull_request: https://github.com/python/cpython/pull/24819

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43353] Document that logging.getLevelName() can return a numeric value.

[Fred Drake]

Fred Drake  added the comment:

Mariusz: Good point.  IMO, an insane API behavior, but a legacy we must live 
with.

No further objections from me.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43353] Document that logging.getLevelName() can return a numeric value.

[Mariusz Felisiak]

Mariusz Felisiak  added the comment:

"numeric" doesn't refer to the "Level #" representation but to the fact that 
`getLevelName()` returns a numeric value when the corresponding name is passed, 
e.g.

>>> getLevelName('CRITICAL') 
50

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

[Gregory P. Smith]

Gregory P. Smith  added the comment:

Riccardo - FWIW I agree, the wrong part of the stack was blamed and a CVE was 
wrongly sought for against CPython on this one.

It's sewage under the bridge at this point. The API change has shipped in 
several different stable releases and thus is something virtually Python all 
code must now deal with.

Why was this a bad change to make?  Python's parse_qsl obeyed the prevailing 
HTML 4 standard at the time it was written:

https://www.w3.org/TR/html401/appendix/notes.html#ampersands-in-uris

'''
We recommend that HTTP server implementors, and in particular, CGI implementors 
support the use of ";" in place of "&"
'''

That turns out to have been bad advice in the standard. 15 years later the 
html5 standard quoted in Adam's snyk blog post links to its text on this which 
leaves no room for that interpretation.

In that light, the correct thing to do for this issue would be to:

* Make the default behavior change in 3.10 match the html5 standard [done].
* Document that it matches the html4 standard in 3.9 and earlier without 
changing their default behavior [oops, too late, not done].
* While adding the ability to allow applications to select the stricter 
behavior on those older versions.  [only sort of done, and somewhat too late 
now that the strict version has already shipped as stable]

Afterall, the existence of html5 didn't magically fix all of the html and web 
applications written in the two decades of web that came before it.  Ask any 
browser author...

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43353] Document that logging.getLevelName() can return a numeric value.

[Fred Drake]

Fred Drake  added the comment:

Just noticed this fly by in the stream of emails... sorry for not commenting 
earlier.

The patch seems to describe "Level #" as "numeric", which I would not be 
inclined to do.  It includes the numeric value since there's no available name 
for it, but as a value, it's still textual.

I'm referring specifically to the change here:
https://github.com/python/cpython/commit/bbba28212ce0f58096a4043f32442c6e727b74fc#diff-1bf0ad6d121df3948853dafdd8e5406709fe0c3911b30e3cf2def41717455c98R121

Otherwise, I do believe this should be back-ported.

--
nosy: +fdrake

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43353] Document that logging.getLevelName() can return a numeric value.

[Mariusz Felisiak]

Mariusz Felisiak  added the comment:

Do we want to backport this patch? If yes, I can prepare backports. If not, we 
can close the ticket.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43463] typing.get_type_hints with TYPE_CHECKING imports / getting hints for single argument

[Guido van Rossum]

Guido van Rossum  added the comment:

Maybe return the original string?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43464] set intersections should short-circuit

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +rhettinger

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43287] Use PEP 590 vectorcall to speed up calls to filter()

[Dong-hee Na]

Change by Dong-hee Na :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43287] Use PEP 590 vectorcall to speed up calls to filter()

[Dong-hee Na]

Dong-hee Na  added the comment:


New changeset 9a9c11ad41d7887f3d6440e0f0e8966156d959b5 by Dong-hee Na in branch 
'master':
bpo-43287: Use PEP 590 vectorcall to speed up filter() (GH-24611)
https://github.com/python/cpython/commit/9a9c11ad41d7887f3d6440e0f0e8966156d959b5


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43464] set intersections should short-circuit

[Josh Rosenberg]

New submission from Josh Rosenberg :

At present, set_intersection (the C name for set.intersection) optimizes for 
pairs of sets by iterating the smallest set and only adding entries found in 
the larger, meaning work is proportionate to the smallest input.

But when the other input isn't a set, it goes with a naive solution, iterating 
the entire non-set, and adding entries found in the set. This is fine when the 
intersection will end up smaller than the original set (there's no way to avoid 
exhausting the non-set when that's the case), but when the intersection ends up 
being the same size as the original, we could add a cheap length check and 
short-circuit at that point.

As is, {4}.intersection(range(1)) takes close to 1000 times longer than 
{4}.intersection(range(10)) despite both of them reaching the point where the 
outcome will be {4} at the same time.

Since the length check for short-circuiting only needs to be performed when 
input set actually contains the value, the cost should be fairly low.

I figure this would be the worst case for the change:

{3, 4}.intersection((4,) * 1)

where it performs the length check every time, and doesn't benefit from 
short-circuiting. But cases like:

{4}.intersection((4,) * 1)

or

{4}.intersection(range(1))

would finish much faster. A similar optimization to set_intersection_multi (to 
stop when the intermediate result is empty) would make cases like:

{4000}.intersection([1], range(1), range(10, 20))

also finish dramatically quicker in the (I'd assume not uncommon case) where 
the intersection of many iterables is empty, and this could be known quite 
early on (the cost of this check would be even lower, since it would only be 
performed once per iterable, not per-value).

Only behavioral change this would cause is that errors resulting from 
processing items in an iterable that is no longer run to exhaustion due to 
short-circuiting wouldn't happen ({4}.intersection([4, []]) currently dies, but 
would succeed with short-circuiting; same foes for {4}.intersection([5], [[]]) 
if set_intersection_multi is optimized), and input iterators might be left only 
partially consumed. If that's acceptable, the required code changes are trivial.

--
components: C API
keywords: easy (C)
messages: 388442
nosy: josh.r
priority: normal
severity: normal
status: open
title: set intersections should short-circuit
versions: Python 3.10

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43311] bpo-43311: PyInterpreterState_New use thread-specific data tstate before key create .

[junyixie]

junyixie  added the comment:

Yes, this is an issue under building Python with 
--with-experimental-isolated-subinterpreters

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

[Riccardo Schirone]

Riccardo Schirone  added the comment:

> So far, we at openSUSE had to package at least SQLAlchemy, Twisted, yarl and 
> furl. The author of the first one acknowledged use of semicolon as a bug. I 
> don't think it was so bad.

Did you upstream fixes for those packages?

Asking because if this is considered a vulnerability in Python, it should be 
considered a vulnerability for every other tool/library that accept `;` as 
separator. For example, Twisted seems to have a parse_qs method in web/http.py 
file that splits by both `;` and `&`.

Again, I feel like we are blaming the wrong piece of the stack, unless proxies 
are usually ignoring some arguments (e.g. utm_*) as part of the cache key, by 
default or in a very easy way.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

[Serhiy Storchaka]

Serhiy Storchaka  added the comment:

What do you mean by "return nothing not even None"? Does it hang?

--
nosy: +serhiy.storchaka

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

STINNER Victor  added the comment:


New changeset 531f2ebd60a662111c78107935d249d3d52f9a4f by Miss Islington (bot) 
in branch '3.9':
bpo-43406: Fix test_signal.test_stress_modifying_handlers() (GH-24815) 
(GH-24817)
https://github.com/python/cpython/commit/531f2ebd60a662111c78107935d249d3d52f9a4f


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

[Ken Jin]

Change by Ken Jin :


--
pull_requests: +23584
pull_request: https://github.com/python/cpython/pull/24818

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43463] typing.get_type_hints with TYPE_CHECKING imports / getting hints for single argument

[Ken Jin]

Change by Ken Jin :


--
nosy: +kj

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[miss-islington]

miss-islington  added the comment:


New changeset ac5e23c540f5ec20fc390c72e097e0fdaf8b7ac9 by Miss Islington (bot) 
in branch '3.8':
bpo-43406: Fix test_signal.test_stress_modifying_handlers() (GH-24815)
https://github.com/python/cpython/commit/ac5e23c540f5ec20fc390c72e097e0fdaf8b7ac9


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43463] typing.get_type_hints with TYPE_CHECKING imports / getting hints for single argument

[Eric V. Smith]

Change by Eric V. Smith :


--
nosy: +eric.smith

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43463] typing.get_type_hints with TYPE_CHECKING imports / getting hints for single argument

[Florian Bruhin]

New submission from Florian Bruhin :

Consider a file such as:

# from __future__ import annotations
from typing import TYPE_CHECKING, Union, get_type_hints

if TYPE_CHECKING:
import types

def fun(a: 'types.SimpleNamespace', b: Union[int, str]):
pass

print(fun.__annotations__)
print(get_type_hints(fun))

When running this, typing.get_type_hints fails (as you would expect):

Traceback (most recent call last):
  File "/home/florian/tmp/x.py", line 11, in 
print(get_type_hints(fun))
  File "/usr/lib/python3.9/typing.py", line 1449, in get_type_hints
value = _eval_type(value, globalns, localns)
  File "/usr/lib/python3.9/typing.py", line 283, in _eval_type
return t._evaluate(globalns, localns, recursive_guard)
  File "/usr/lib/python3.9/typing.py", line 539, in _evaluate
eval(self.__forward_code__, globalns, localns),
  File "", line 1, in 
NameError: name 'types' is not defined

However, in my case I'm not actually interested in the type of 'a', I only need 
the type for 'b'. Before Python 3.10 (or the __future__ import), I can do so by 
getting it from __annotations__ directly.

With Python 3.10 (or the __future__ import), this doesn't seem to be possible 
anymore - I'd need to either evaluate the 'Union[int, str]' annotation manually 
(perhaps calling into private typing.py functions), or maybe work around the 
issue by passing some magical dict-like object as local/globals which ignores 
the NameError. Both of those seem suboptimal.

Thus, I'd like a way to either:

1) Ignore exceptions in get_type_hints and instead get something like a 
typing.Unresolvable['types.SimpleNamespace'] back
2) Have something like a typing.get_argument_type_hints(fun, 'b') instead, 
allowing me to get the arguments one by one rather than resolving the whole 
thing
3) Have a public API to resolve a string type annotation (i.e. the equivalent 
of `typing._eval_type`)

--
components: Library (Lib)
messages: 388436
nosy: The Compiler, gvanrossum, levkivskyi
priority: normal
severity: normal
status: open
title: typing.get_type_hints with TYPE_CHECKING imports / getting hints for 
single argument
type: behavior
versions: Python 3.10, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

Change by STINNER Victor :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[miss-islington]

Change by miss-islington :


--
pull_requests: +23582
pull_request: https://github.com/python/cpython/pull/24816

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[miss-islington]

Change by miss-islington :


--
pull_requests: +23583
pull_request: https://github.com/python/cpython/pull/24817

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

STINNER Victor  added the comment:


New changeset 1fa17e8cc62775a2e34b158135ce8589f9394f03 by Victor Stinner in 
branch 'master':
bpo-43406: Fix test_signal.test_stress_modifying_handlers() (GH-24815)
https://github.com/python/cpython/commit/1fa17e8cc62775a2e34b158135ce8589f9394f03


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

[Senthil Kumaran]

Senthil Kumaran  added the comment:

Petr, thank you. Let's treat it as a new issue linked to this.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

[Vincent]

Change by Vincent :


--
type:  -> behavior

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

[Petr Viktorin]

Petr Viktorin  added the comment:

With the fix, parse_qs[l] doesn't handle bytes separators correctly.
There is an explicit type check for str/bytes:

if not separator or (not isinstance(separator, (str, bytes))):
raise ValueError("Separator must be of type string or bytes.")

but a bytes separator fails further down:

>>> import urllib.parse
>>> urllib.parse.parse_qs('a=1,b=2', separator=b',')
Traceback (most recent call last):
  File "", line 1, in 
  File "/home/pviktori/dev/cpython/Lib/urllib/parse.py", line 695, in parse_qs
pairs = parse_qsl(qs, keep_blank_values, strict_parsing,
  File "/home/pviktori/dev/cpython/Lib/urllib/parse.py", line 748, in parse_qsl
pairs = [s1 for s1 in qs.split(separator)]
TypeError: must be str or None, not bytes

--
nosy: +petr.viktorin

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43462] canvas.bbox returns None on 'hidden' items while coords doesn't

[Vincent]

New submission from Vincent :

canvas.bbox() should return a tuple containing values whether an item is hidden 
or not. canvax.coords() does return a tuple when an item is hidden.

Steps to reproduce:

```
  from tkinter import * 
  root = Tk()
  canvas = Canvas(root)
  id1 = canvas.create_line(10,5,20,5, tags='tunnel')
  id2 = canvas.create_line(10,8,20,8, tags='tunnel')
  canvas.bbox('tunnel')   # return a tupple
  canvas.itemconfig('tunnel', state='hidden')
  canvas.bbox('tunnel')   # return nothing not even None
```

I need bbox to return a tuple containing values. The consequences is that the 
code must make the items temporarily visible before it can invoke the bbox 
function. This turning on and off creates flashing items in my program.

Thanks in advance!

--
components: Tkinter
messages: 388432
nosy: Vincent
priority: normal
severity: normal
status: open
title: canvas.bbox returns None on 'hidden' items while coords doesn't
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

STINNER Victor  added the comment:

> The new functional test has two race conditions.

I don't think that it's a bug in Python, but more race conditions in the test.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

Change by STINNER Victor :


--
pull_requests: +23581
stage: resolved -> patch review
pull_request: https://github.com/python/cpython/pull/24815

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43461] Tottime column for cprofile output does not add up

[Jonathan Frawley]

New submission from Jonathan Frawley :

I am using cprofile and PStats to try and figure out where bottlenecks are in a 
program. When I sum up all of the times in the "tottime" column, it only comes 
to 57% of the total runtime. Is this due to rounding of times or some other 
issue?

--
messages: 388430
nosy: jonathanfrawley
priority: normal
severity: normal
status: open
title: Tottime column for cprofile output does not add up
type: behavior
versions: Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43406] Possible race condition between signal catching and signal.signal

[STINNER Victor]

STINNER Victor  added the comment:

The change added a new functional test. As I expected, it failed on "AMD64 
Debian root". I expected it because the previously added functional test failed 
failed on "AMD64 Debian root", I reported the race condition in 2017 and it's 
still not fixed: bpo-30849.

The new functional test has two race conditions.

I reopen the issue.


== Race condition 1 ==

AMD64 Debian root 3.x:
https://buildbot.python.org/all/#/builders/345/builds/903

0:15:05 load avg: 2.58 [137/427/1] test_signal failed (env changed) (1 min 13 
sec)
Warning -- Unraisable exception
Traceback (most recent call last):
  File "/root/buildarea/3.x.angelico-debian-amd64/build/Lib/threading.py", line 
1067, in _wait_for_tstate_lock
elif lock.acquire(block, timeout):
OSError: Signal 10 ignored due to race condition


== Race condition 2 ==

By the way, the test also fails when I stress my laptop:

$ ./python -m test --fail-env-changed test_signal -F -j40 -m 
test_stress_modifying_handlers -v
== CPython 3.10.0a6+ (heads/master:a9c03d7fb7, Mar 10 2021, 12:41:26) [GCC 
10.2.1 20201125 (Red Hat 10.2.1-9)]
== Linux-5.10.15-200.fc33.x86_64-x86_64-with-glibc2.32 little-endian
== cwd: /home/vstinner/python/master/build/test_python_223315æ
== CPU count: 8
== encodings: locale=UTF-8, FS=utf-8
0:00:00 load avg: 4.17 Run tests in parallel using 40 child processes
(...)
0:00:05 load avg: 7.52 [  5/1] test_signal failed
test_stress_modifying_handlers (test.test_signal.StressTest) ... FAIL

==
FAIL: test_stress_modifying_handlers (test.test_signal.StressTest)
--
Traceback (most recent call last):
  File "/home/vstinner/python/master/Lib/test/test_signal.py", line 1297, in 
test_stress_modifying_handlers
self.assertGreater(num_received_signals, 0)
AssertionError: 0 not greater than 0

--

Ran 1 test in 0.039s

FAILED (failures=1)
test test_signal failed
(...)

--
nosy: +vstinner
resolution: fixed -> 
status: closed -> open

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43460] Exception copy error

[Douglas Raillard]

Douglas Raillard  added the comment:

The solution based on the signature is something along those lines:

class E(BaseException):
def __new__(cls, *args, **kwargs):
"""
Fix exception copying.

Turn all the keyword arguments into positional arguments, so that 
the
:exc:`BaseException` machinery has all the parameters for a valid 
call
to ``__new__``, instead of missing all the keyword arguments.
"""
sig = inspect.signature(cls.__init__)
bound_args = sig.bind_partial(*args, **kwargs)
bound_args.apply_defaults()
args = tuple(bound_args.arguments.values())
return super().__new__(cls, *args)

def __init__(self, x):
self.x=x

But there are a many shortcomings to that approach:

 * What if super().__new__() consumes arguments before passing the rest to 
__init__() ? This fix is blind to that since it only cares about __init__ 
signature

 * What if inspect.signature() does not provide a signature (extension modules) 
?

 * Defaults are "hardcoded" in the args, so the object will always be restored 
with the defaults of the time it was created. This is a breaking change, as 
currently the defaults used when restoring the instance are the current ones.

 * Also uses more memory for args (and for pickle files), since it contains all 
the defaults

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43460] Exception copy error

[Douglas Raillard]

New submission from Douglas Raillard :

Instances of subclasses of BaseException created with keyword argument fail to 
copy properly as demonstrated by:

import copy

class E(BaseException):
def __init__(self, x):
self.x=x

# works fine
e = E(None)
copy.copy(e)

# raises
e = E(x=None)
copy.copy(e)

This seems to affect all Python versions I've tested (3.6 <= Python <= 3.9).

I've currently partially worked around the issue with a custom pickler that 
just restores __dict__, but:

 * "args" is not part of __dict__, and setting "args" key in __dict__ does not 
create a "working object" (i.e. the key is set, but is ignored for all intents 
and purposes except direct lookup in __dict__)

 * pickle is friendly: you can provide a custom pickler that chooses the reduce 
function for each single class.
   copy module is much less friendly: copyreg.pickle() only allow registering 
custom functions for specific classes. That means there is no way (that I know) 
to make copy.copy() select a custom reduce for a whole subclass tree.


One the root of the issue:

 * exception from the standard library prevent keyword arguments (maybe because 
of that issue ?), but there is no such restriction on user-defined classes.
 * the culprit is BaseException_reduce() (in Objects/exceptions.c) [1]

It seems that the current behavior is a consequence of the __dict__ being 
created lazily, I assume for speed and memory efficiency

There seems to be a few approaches that would solve the issue:

 * keyword arguments passed to the constructor could be fused with the 
positional arguments in BaseException_new (using the signature, but signature 
might be not be available for extension types I suppose)

 * keyword arguments could just be stored like "args" in a "kwargs" attribute 
in PyException_HEAD, so they are preserved and passed again to __new__ when the 
instance is restored upon copying/pickling.

 * the fact that keyword arguments were used could be saved as a bool in 
PyException_HEAD. When set, this flag would make BaseException_reduce() only 
use __dict__ and not "args". This would technically probably be a breaking 
change, but the only cases I can think of where this would be observable are a 
bit far fetched (if __new__ or __init__ have side effects beyond storing 
attributes in __dict__).

[1] https://github.com/python/cpython/blob/master/Objects/exceptions.c#L134

--
messages: 388427
nosy: douglas-raillard-arm
priority: normal
severity: normal
status: open
title: Exception copy  error
type: behavior

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

Change by STINNER Victor :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:


New changeset a9c03d7fb78ab79710f79190f0584a09d9fd1a61 by Victor Stinner in 
branch 'master':
bpo-43456: Remove _xxsubinterpreters from sys.stdlib_module_names (GH-24814)
https://github.com/python/cpython/commit/a9c03d7fb78ab79710f79190f0584a09d9fd1a61


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43448] exec() ignores scope.

[Mark Dickinson]

Mark Dickinson  added the comment:

> At most I think this issue is a duplicate of bpo-24800

Agreed; closing here.

--
nosy: +mark.dickinson
resolution:  -> duplicate
stage:  -> resolved
status: open -> closed
superseder:  -> exec docs should note that the no argument form in a local 
scope is really the two argument form

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37374] Minidom does not have to escape quote inside text segments

[Viktor Plézer]

Viktor Plézer  added the comment:

Sorry, to agree with @mitar

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37374] Minidom does not have to escape quote inside text segments

[Viktor Plézer]

Viktor Plézer  added the comment:

Almost 2 years later I only registered to agree with Daniel. This is extremely 
annoying.

Use case: I am generating XMLs for Apigee, where my conditions contain quotes 
and there's no need to escape them.

--
nosy: +viplezer

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:

With PR 24814, sys.stdlib_module_names contains 301 names:

__future__
_abc
_aix_support
_ast
_asyncio
_bisect
_blake2
_bootsubprocess
_bz2
_codecs
_codecs_cn
_codecs_hk
_codecs_iso2022
_codecs_jp
_codecs_kr
_codecs_tw
_collections
_collections_abc
_compat_pickle
_compression
_contextvars
_crypt
_csv
_ctypes
_curses
_curses_panel
_datetime
_dbm
_decimal
_elementtree
_frozen_importlib
_frozen_importlib_external
_functools
_gdbm
_hashlib
_heapq
_imp
_io
_json
_locale
_lsprof
_lzma
_markupbase
_md5
_msi
_multibytecodec
_multiprocessing
_opcode
_operator
_osx_support
_pickle
_posixshmem
_posixsubprocess
_py_abc
_pydecimal
_pyio
_queue
_random
_sha1
_sha256
_sha3
_sha512
_signal
_sitebuiltins
_socket
_sqlite3
_sre
_ssl
_stat
_statistics
_string
_strptime
_struct
_symtable
_thread
_threading_local
_tkinter
_tracemalloc
_uuid
_warnings
_weakref
_weakrefset
_winapi
_zoneinfo
abc
aifc
antigravity
argparse
array
ast
asynchat
asyncio
asyncore
atexit
audioop
base64
bdb
binascii
binhex
bisect
builtins
bz2
cProfile
calendar
cgi
cgitb
chunk
cmath
cmd
code
codecs
codeop
collections
colorsys
compileall
concurrent
configparser
contextlib
contextvars
copy
copyreg
crypt
csv
ctypes
curses
dataclasses
datetime
dbm
decimal
difflib
dis
distutils
doctest
email
encodings
ensurepip
enum
errno
faulthandler
fcntl
filecmp
fileinput
fnmatch
fractions
ftplib
functools
gc
genericpath
getopt
getpass
gettext
glob
graphlib
grp
gzip
hashlib
heapq
hmac
html
http
idlelib
imaplib
imghdr
imp
importlib
inspect
io
ipaddress
itertools
json
keyword
lib2to3
linecache
locale
logging
lzma
mailbox
mailcap
marshal
math
mimetypes
mmap
modulefinder
msilib
msvcrt
multiprocessing
netrc
nis
nntplib
nt
ntpath
nturl2path
numbers
opcode
operator
optparse
os
ossaudiodev
pathlib
pdb
pickle
pickletools
pipes
pkgutil
platform
plistlib
poplib
posix
posixpath
pprint
profile
pstats
pty
pwd
py_compile
pyclbr
pydoc
pydoc_data
pyexpat
queue
quopri
random
re
readline
reprlib
resource
rlcompleter
runpy
sched
secrets
select
selectors
shelve
shlex
shutil
signal
site
smtpd
smtplib
sndhdr
socket
socketserver
spwd
sqlite3
sre_compile
sre_constants
sre_parse
ssl
stat
statistics
string
stringprep
struct
subprocess
sunau
symtable
sys
sysconfig
syslog
tabnanny
tarfile
telnetlib
tempfile
termios
textwrap
this
threading
time
timeit
tkinter
token
tokenize
trace
traceback
tracemalloc
tty
turtle
turtledemo
types
typing
unicodedata
unittest
urllib
uu
uuid
venv
warnings
wave
weakref
webbrowser
winreg
winsound
wsgiref
xdrlib
xml
xmlrpc
zipapp
zipfile
zipimport
zlib
zoneinfo

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:

> I noticed that _xxsubinterpreters is in sys.stdlib_module_names but none of 
> the other `_xx` modules are included (nor is 'test'). Since 
> _xxsubinterpreters is only meant for testing (ATM) I think it should probably 
> be left out.

Oh right, I agree that _xxsubinterpreters is not really part of the stdlib, 
it's more designed to write unit tests. I wrote PR 24814 to remove it.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43456] Remove _xxsubinterpreters from sys.stdlib_module_names

[STINNER Victor]

Change by STINNER Victor :


--
keywords: +patch
pull_requests: +23580
stage:  -> patch review
pull_request: https://github.com/python/cpython/pull/24814

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43445] Add frozen modules to sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:

Neal: you may also read the thread on python-dev:
https://mail.python.org/archives/list/python-...@python.org/thread/BTX7SH2CR66QCLER2EXAK2GOUAH2U4CL/

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42955] Add sys.stdlib_module_names: list of stdlib module names (Python and extension modules)

[STINNER Victor]

STINNER Victor  added the comment:

I also created a thread on python-dev to discuss this new feature:
https://mail.python.org/archives/list/python-...@python.org/thread/BTX7SH2CR66QCLER2EXAK2GOUAH2U4CL/

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43445] Add frozen modules to sys.stdlib_module_names

[STINNER Victor]

STINNER Victor  added the comment:


New changeset 307745aa42196ad3fd97fee4a1ae6496bb895596 by Victor Stinner in 
branch 'master':
bpo-43445: Add frozen modules to sys.stdlib_module_names (GH-24798)
https://github.com/python/cpython/commit/307745aa42196ad3fd97fee4a1ae6496bb895596


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39511] [subinterpreters] Per-interpreter singletons (None, True, False, etc.)

[STINNER Victor]

STINNER Victor  added the comment:

> Actually, interp->none shared _Py_NoneStruct variable.

My PR 18301 is a draft to check if we can solve the issue without breaking the 
C API compatibility. You're right that it doesn't solve the issue, it only 
checks the C API issue. IMO the PR 18301 proves that the "#define Py_None 
Py_GetNone()" trick works.

--

By the way, when I worked on a tagged pointer experiment:
https://github.com/vstinner/cpython/pull/6

I had to introduce Py_IS_NONE(op) function, since it was no longer possible to 
compare directly "op == Py_None".

static inline int Py_IS_NONE(PyObject *op) {
return (op == &_Py_NoneStruct || op == _Py_TAGPTR_NONE);
}

But this is not needed to solve this issue.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43364] Windows: Make UTF-8 mode more accessible

[Inada Naoki]

Inada Naoki  added the comment:

> Maybe as a global setting, the better thing to copy is the button at the end 
> of installation that offers to change the long path policy?

I tried it but there is no enough space.
See GH-24813 and attached screenshot.

--
Added file: https://bugs.python.org/file49864/utf8mode-screenshot1.png

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43364] Windows: Make UTF-8 mode more accessible

[Inada Naoki]

Change by Inada Naoki :


--
pull_requests: +23579
pull_request: https://github.com/python/cpython/pull/24813

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43420] Optimize rational arithmetics

[Sergey B Kirpichev]

Sergey B Kirpichev  added the comment:

On Tue, Mar 09, 2021 at 05:11:09AM +, Tim Peters wrote:
> those for + and - are much subtler

In fact, these optimizations will payoff faster (wrt denominators
size), esp. due to gcd==1 branch.

Sorry for off-topic:

> WRT which, I added Python's Karatsuba implementation and regret doing so.
> I don't want to take it out now (it's already in ;-) ), but it added quite
> a pile of delicate code to what _was_ a much easier module to grasp.

(And was much more useless, even as a fallback.

But in the end - I agreed, you can't outperform professional bigint
implementations.  I think, you can _use_ them instead.)

> People who need fast multiplication are still far better off using gmpy2 
> anyway

(Another strange python "feature", IMHO.  Why the custom bigint
implementation, why not use the project, that run professionals in the
field?  Looking on the issue 21922 - it seems, that small ints
arithmetics can be almost as fast as for python ints.  Is the
memory handling - out-of-memory situation - the only severe problem?)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

[Christian Heimes]

Christian Heimes  added the comment:

Thanks, Pablo and Victor!

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

[miss-islington]

miss-islington  added the comment:


New changeset f814675376318e0bf9e14fc62826a113cb4ca652 by Pablo Galindo in 
branch '3.9':
[3.9] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24811)
https://github.com/python/cpython/commit/f814675376318e0bf9e14fc62826a113cb4ca652


--
nosy: +miss-islington, miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

[miss-islington]

miss-islington  added the comment:


New changeset a6d0182879d0bf275c4feb38b57f73236ab9c06c by Pablo Galindo in 
branch '3.8':
[3.8] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24810)
https://github.com/python/cpython/commit/a6d0182879d0bf275c4feb38b57f73236ab9c06c


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue43435] Py_BuildValue("y#".... returns incomplete result

[Christian Heimes]

Christian Heimes  added the comment:

Could you please give us an example for an incorrect output and corresponding 
correct output as bytes representation?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com