[issue17990] 2.7 builds can fail due to unconditional inclusion of include paths
Changes by Ned Deily n...@acm.org: -- stage: patch review - committed/rejected ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17990 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Changes by Tshepang Lekhonkhobe tshep...@gmail.com: -- nosy: +giampaolo.rodola, josiahcarlson, stutzbach ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Changes by Tshepang Lekhonkhobe tshep...@gmail.com: -- nosy: +tshepang ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8604] Adding an atomic FS write API
Charles-François Natali added the comment: (Note that the Beaker version would need to be enhanced with the extra API parameters from Victor's version, as well as updated to use the exclusive open and close-on-exec flags) I think the API would be nicer if it was just a wrapper around the underlying temporary file object, delegating all methods except close() (sort of like the _TemporaryFileWrapper in tempfile). Something like (untested, not even foolproof-read) : class AtomicFile: def __init__(self, path): self.dest_path = path dirname, basename = os.path.split(self.dest_path) fd, temp_path = tempfile.mkstemp(prefix='.' + basename, dir=dirname) try: self.f = os.fdopen(fd, 'w') except: os.unlink(temp_path) raise self.temp_path = temp_path def close(self): self.f.close() os.rename(self.temp_path, self.dest_path) # copied from tempfile def __getattr__(self, name): # Attribute lookups are delegated to the underlying file # and cached for non-numeric results # (i.e. methods are cached, closed and friends are not) file = self.__dict__['file'] a = getattr(file, name) if not issubclass(type(a), type(0)): setattr(self, name, a) return a def __enter__self(): self.file.__enter__() return f def __exit__(self, exc, value, tb): if exc is None: self.close() else: self.file.close() os.remove(self.temp_path) This way, one just has to do: f = AtomicFile(path) and then use it as a normal file; it will automatically be committed (or rollback) when the file is closed, either because you're leaving the context manager, or because an explicit() close is called. It also makes it easier to use with legacy code/libraries accepting an open file (since no modification is needed), is less error-prone (since you don't have to remember to call special methods like destroy_temp/replace_dest), and leads to a more compact API (exactly the same as regular files). Otherwise, I think the calls to fsync() should be optional (maybe an option passed to the constructor): most of the time, you want atomicity but not durability (i.e. you don't really care if data is committed to disk), and you don't want to pay for the performance hit incurred by fsync(). Also, fsync() should also be done on the containing directory (which is not the case in Victor's version). -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8604 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17993] Missed comma causes unintentional implicit string literal concatenation
New submission from Serhiy Storchaka: I just found a bug in Tools/scripts/abitype.py: typeslots = [ 'tp_name', 'tp_basicsize', ... 'tp_subclasses', 'tp_weaklist', 'tp_del' 'tp_version_tag' ] There is a missed comma after 'tp_del'. Perhaps there are other similar bugs in Python sources. -- components: Demos and Tools files: missed_comma.patch keywords: patch messages: 189343 nosy: serhiy.storchaka priority: normal severity: normal stage: patch review status: open title: Missed comma causes unintentional implicit string literal concatenation type: behavior versions: Python 3.3, Python 3.4 Added file: http://bugs.python.org/file30280/missed_comma.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17993 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17993] Missed comma causes unintentional implicit string literal concatenation
Ezio Melotti added the comment: Patch LGTM. Are you planning to look for similar bugs before fixing this? -- nosy: +ezio.melotti stage: patch review - commit review ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17993 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Giampaolo Rodola' added the comment: Can you try to figure out where it hangs exactly? I can't reproduce the issue on Ubuntu and FreeBSD and don't have a Red Hat to test against. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Vinay Sajip added the comment:
The python-daemon documentation states, about files_preserve:
Elements of the list are file descriptors (as returned by a file object's
`fileno()` method) or Python `file` objects. Each specifies a file that is not
to be closed during daemon start.
Notice that file objects are just a convenience - filenos() can be passed. The
following, slightly modified script works as expected:
import logging
import logging.handlers
import daemon
logger = logging.getLogger('twitterCounter')
handler = logging.handlers.SysLogHandler(address='/dev/log')
logger.addHandler(handler)
logger.setLevel(logging.DEBUG)
logger.info(Hello, )
with daemon.DaemonContext(files_preserve=[handler.socket.fileno()]):
logger.info(world!)
Output in syslog after running the above:
May 16 10:58:42 eta-oneiric64 Hello,
May 16 10:58:42 eta-oneiric64 world!
--
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17981
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: I don't know what to do. I tried CTRL+C but it didn't stop. Then I pressed CTRL+Z and kill the python process and when i got back with 'fg' the make process had been terminated. No messages were printed. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Jan Lieskovsky added the comment: The CVE identifier of CVE-2013-2099 has been assigned: http://www.openwall.com/lists/oss-security/2013/05/16/6 to this issue. -- nosy: +iankko title: ssl.match_hostname() trips over crafted wildcard names - CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Giampaolo Rodola' added the comment: Does it hang also if you run it directly as in ./python Lib/test/test_asynchat.py. Perhaps you ca try ./python -m trace -t Lib/test/test_asynchat.py? Figuring this out should be relatively easy: you can also just put prints into test_asynchat.py yourself. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: ./python -m trace -t Lib/test/test_asynchat.py [...] --- modulename: asyncore, funcname: poll asyncore.py(126): if map is None: asyncore.py(128): if map: asyncore.py(129): r = []; w = []; e = [] asyncore.py(130): for fd, obj in map.items(): asyncore.py(131): is_r = obj.readable() --- modulename: asynchat, funcname: readable asynchat.py(198): return 1 asyncore.py(132): is_w = obj.writable() --- modulename: asynchat, funcname: writable asynchat.py(202): return self.producer_fifo or (not self.connected) asyncore.py(133): if is_r: asyncore.py(134): r.append(fd) asyncore.py(136): if is_w and not obj.accepting: asyncore.py(137): w.append(fd) asyncore.py(138): if is_r or is_w: asyncore.py(139): e.append(fd) asyncore.py(130): for fd, obj in map.items(): asyncore.py(140): if [] == r == w == e: asyncore.py(144): try: asyncore.py(145): r, w, e = select.select(r, w, e, timeout) asyncore.py(152): for fd in r: asyncore.py(158): for fd in w: asyncore.py(164): for fd in e: asyncore.py(221): count = count - 1 asyncore.py(219): while map and count 0: test_asynchat.py(225): s.start_resend_event.set() --- modulename: threading, funcname: set threading.py(580): self.__cond.acquire() threading.py(581): try: threading.py(582): self.__flag = True threading.py(583): self.__cond.notify_all() --- modulename: threading, funcname: notifyAll threading.py(406): self.notify(len(self.__waiters)) --- modulename: threading, funcname: notify threading.py(382): if not self._is_owned(): --- modulename: threading, funcname: _is_owned threading.py(302): if self.__lock.acquire(0): threading.py(306): return True threading.py(384): __waiters = self.__waiters threading.py(385): waiters = __waiters[:n] threading.py(386): if not waiters: threading.py(388): self._note(%s.notify(): no waiters, self) --- modulename: threading, funcname: _note threading.py(64): if self.__verbose: threading.py(389): return threading.py(585): self.__cond.release() test_asynchat.py(226): s.join() --- modulename: threading, funcname: join threading.py(933): if not self.__initialized: threading.py(935): if not self.__started.is_set(): --- modulename: threading, funcname: isSet threading.py(569): return self.__flag threading.py(937): if self is current_thread(): --- modulename: threading, funcname: currentThread threading.py(1157): try: threading.py(1158): return _active[_get_ident()] threading.py(941): if not self.__stopped: threading.py(942): self._note(%s.join(): waiting until thread stops, self) --- modulename: threading, funcname: _note threading.py(64): if self.__verbose: threading.py(943): self.__block.acquire() threading.py(944): try: threading.py(945): if timeout is None: threading.py(946): while not self.__stopped: threading.py(947): self.__block.wait() --- modulename: threading, funcname: wait threading.py(331): if not self._is_owned(): --- modulename: threading, funcname: _is_owned threading.py(302): if self.__lock.acquire(0): threading.py(306): return True threading.py(333): waiter = _allocate_lock() threading.py(334): waiter.acquire() threading.py(335): self.__waiters.append(waiter) threading.py(336): saved_state = self._release_save() --- modulename: threading, funcname: _release_save threading.py(294): self.__lock.release() # No state to save threading.py(337): try:# restore state no matter what (e.g., KeyboardInterrupt) threading.py(338): if timeout is None: threading.py(339): waiter.acquire() -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by Antoine Pitrou pit...@free.fr: -- stage: - needs patch type: - security versions: +Python 3.2, Python 3.4 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Giampaolo Rodola' added the comment: Nosying Collin Winter as per rev 531d3023b48b. In the meantime you can try to specify a timeout for join() as in: diff --git a/Lib/test/test_asynchat.py b/Lib/test/test_asynchat.py --- a/Lib/test/test_asynchat.py +++ b/Lib/test/test_asynchat.py @@ -223,7 +223,7 @@ # where the server echoes all of its data before we can check that it # got any down below. s.start_resend_event.set() -s.join() +s.join(timeout=2.0) That should at least fix the hanging, but I guess it will produce another error later on. -- nosy: +collinwinter ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1662581] the re module can perform poorly: O(2**n) versus O(n**2)
Antoine Pitrou added the comment: Note this can be used for denials of service: see http://bugs.python.org/issue17980 -- nosy: +pitrou ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue1662581 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: This is caused by the regex engine's performance behaviour: http://bugs.python.org/issue1662581 http://bugs.python.org/issue1515829 http://bugs.python.org/issue212521 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: I would like to know what is the expected scenario: - does the attacker only control the certificate? - or does the attacker control both the certificate and the hostname being validated? The reason is that the matching cost for a domain name fragment seems to be O(n**k), where n is the fragment length and k is the number of wildcards. Therefore, if the attacker controls both n and k, even limiting k to 2 already allows a quadratic complexity attack. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17890] argparse: mutually exclusive groups full of suppressed args can cause AssertionErrors
R. David Murray added the comment: I've been observing the activity on the argparse issues and am appreciating the work, but I don't have time right now to review the patches. I should have more time next month, and expect to get to them then, if no one else gets to them before I do. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17890 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by Antoine Pitrou pit...@free.fr: -- nosy: +christian.heimes ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: Thank you! But what's going on? Do my system have any limitation that is causing such hang? Here goes it's ulimit output just in case: [root@localhost Python-2.7.5]# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 31259 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size(512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 31259 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [root@localhost Python-2.7.5]# -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Christian Heimes added the comment: RFC 2818 doesn't say anything about the maximum amount of wildcards. I'm going to check OpenSSL's implementation now. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Charles-François Natali added the comment: Could you provide the output of: strace -ttT -f ./python Lib/test/test_asynchat.py -- nosy: +neologix ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment:
Full output in the attached file.
[root@localhost Python-2.7.5]# strace -ttT -f ./python Lib/test/test_asynchat.py
[...]
[pid 1697] 08:01:27.815179 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010095
[pid 1697] 08:01:27.825348 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010096
[pid 1697] 08:01:27.835509 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010097
[pid 1697] 08:01:27.845669 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010096
[pid 1697] 08:01:27.855830 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010095
[pid 1697] 08:01:27.866028 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010096
[pid 1697] 08:01:27.876188 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010096
[pid 1697] 08:01:27.886388 futex(0x1bb8280, FUTEX_WAIT_PRIVATE, 0, NULL
PNR
--
Added file: http://bugs.python.org/file30281/test_asynchat_strace.txt
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17992
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17914] add os.cpu_count()
Yogesh Chaudhari added the comment: Minor modifications based on review comments. 1. Change mib array size to 2, 2. return value set to 0 consistently (in C code), and 3. removed IRIX #defines -- Added file: http://bugs.python.org/file30282/issue17914-6.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17914 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Florian Weimer added the comment: OpenSSL supports only a single wildcard character. In my tests, I used a host name like .example.org, and a dNSName like a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*.example.org. Quadratic behavior wouldn't be too bad because the host name is necessarily rather short (more than 255 characters will not pass through DNS). -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17206] Py_XDECREF() expands its argument multiple times
Illia Polosukhin added the comment: Amaury, I didn't update Py_INCREF macro in this patch (because it doesn't expand it's argument multiple times) - so the examples you are showing will be working fine. I've updated Py_XINCREF, but it can't be used as an expression anyway. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17206 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Charles-François Natali added the comment:
That's what I thought:
08:01:24.824406 bind(3, {sa_family=AF_INET, sin_port=htons(0),
sin_addr=inet_addr(127.0.0.1)}, 16) = 0 0.24
[pid 1698] 08:01:24.825502 listen(3, 1) = 0 0.35
[pid 1698] 08:01:24.825786 accept(3, unfinished ...
[pid 1697] 08:01:24.837622 connect(5, {sa_family=AF_INET,
sin_port=htons(43785), sin_addr=inet_addr(127.0.0.1)}, 16) = -1 EINPROGRESS
(Operation now in progress) 0.74
[pid 1697] 08:01:24.837811 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010095
[pid 1697] 08:01:27.876188 select(6, [5], [5], [5], {0, 1}) = 0 (Timeout)
0.010096
[pid 1697] 08:01:27.886388 futex(0x1bb8280, FUTEX_WAIT_PRIVATE, 0, NULL
PNR
See the EINPROGRESS?
The connect() doesn't return within 3 seconds.
You probably have a firewall on your machine.
What does:
# iptables -L
return ?
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17992
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: What ports are needed? [root@localhost Python-2.7.5]# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT udp -- anywhere anywhereudp dpt:domain ACCEPT tcp -- anywhere anywheretcp dpt:http ACCEPT tcp -- anywhere anywheretcp dpt:https ACCEPT icmp -- anywhere anywhereicmp echo-request ACCEPT all -- anywhere anywherestate RELATED,ESTABLISHED Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywherestate NEW [root@localhost Python-2.7.5]# -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Charles-François Natali added the comment: What ports are needed? Many tests use random ephemeral ports on the loopback interface (e.g. 43785 above). You should update your rules to apply to external NIC, not on the loopback. -- resolution: - invalid stage: - committed/rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by Apostolis Bessas mpes...@gmail.com: -- nosy: +mpessas ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment:
Indeed, two wildcards seem to be ok with a 255-character domain name:
$ ./python -m timeit -s import ssl; cert = {'subject': ((('commonName',
'*a*a.com'),),)} try: ssl.match_hostname(cert, 'a' * 250 +'z.com') except
ssl.CertificateError: pass
1000 loops, best of 3: 797 usec per loop
Three wildcards already start producing some load:
$ ./python -m timeit -s import ssl; cert = {'subject': ((('commonName',
'*a*a*a.com'),),)} try: ssl.match_hostname(cert, 'a' * 250 +'z.com') except
ssl.CertificateError: pass
10 loops, best of 3: 66.2 msec per loop
Four wildcards are more than enough for a DoS:
$ ./python -m timeit -s import ssl; cert = {'subject': ((('commonName',
'*a*a*a*a.com'),),)} try: ssl.match_hostname(cert, 'a' * 250 +'z.com')
except ssl.CertificateError: pass
10 loops, best of 3: 4.12 sec per loop
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17980
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Giampaolo Rodola' added the comment: Good catch! I think we better set a general timeout so that the tests fail instead of hanging though. Carlos can you try the patch in attachment and confirm you see failures instead of hangings? -- keywords: +patch Added file: http://bugs.python.org/file30283/asyncore-timeout.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: In my tests, I used a host name like .example.org, and a dNSName like a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*a*.example.org. Quadratic behavior wouldn't be too bad because the host name is necessarily rather short (more than 255 characters will not pass through DNS). Hmm, but the host name doesn't necessarily come from DNS, does it? -- title: CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names - CVE-2013-2099 ssl.match_hostname() trips over craftedwildcard names ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Florian Weimer added the comment: The host name is looked up to get the IP address to connect to. The lookup will fail if the host name is longer than 255 characters, and the crafted certificate is never retrieved. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: Yes, but I don't have the git clone. Can you send the complete file instead of the patch? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17206] Py_XDECREF() expands its argument multiple times
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17206 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17589] Make documentation about macros in C API explicit about rvalue vs statement
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17589 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: BTW, problem solved with: iptables -A INPUT -d 127.0.0.1 -j ACCEPT iptables -A INPUT -s 127.0.0.1 -j ACCEPT Thanks a lot! \o -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17914] add os.cpu_count()
Yogesh Chaudhari added the comment: Typo fix -- Added file: http://bugs.python.org/file30284/issue17914-7.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17914 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8604] Adding an atomic FS write API
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8604 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8604] Adding an atomic FS write API
Changes by Antoine Pitrou pit...@free.fr: -- stage: - patch review ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8604 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Changes by Giampaolo Rodola' g.rod...@gmail.com: Added file: http://bugs.python.org/file30285/test_asynchat.py ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Changes by Giampaolo Rodola' g.rod...@gmail.com: Added file: http://bugs.python.org/file30286/test_asyncore.py ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17989] ElementTree.Element broken attribute setting
Changes by Antoine Pitrou pit...@free.fr: -- nosy: +eli.bendersky ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17989 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Christian Heimes added the comment: I think a malicious user could abuse SNI to craft a longer host name and trigger the pathological case. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: Tried to use the new files[1] but they use 'support' instead of 'test_support' from 'test' module. [1] test_asynchat.py, test_asyncore.py -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Giampaolo Rodola' added the comment: Nevermind. It's an easy patch so I'm going to commit it anyway. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Julien Palard added the comment:
I understand the files_preserve parameter, the bug I'm filling is the
innability of SysLogHandler to reopen the socket, although it tries :
// DaemonContext closing all FDs:
close(3)= 0
close(2)= 0
close(1)= 0
close(0)= 0
[...]
// Trying to send World ! to the closed socket (developper missusing
files_preserve
sendto(3, 14World !\0, 12, 0, NULL, 0) = -1 EBADF (Bad file descriptor)
// Reopening socket, with good parameters
socket(PF_FILE, SOCK_DGRAM, 0) = 3
// WTF ? For me, the bug is here, why do we close it ?
// That's not the DaemonContext that closes the file here, as we already are in
daemonContext, all files were closed before by the DaemonContext, so for me
it's SysLogHandler who's closing here and it's a bug :
close(3)= 0
// Trying to connect to a closed socket ... will fail )o:
connect(3, {sa_family=AF_FILE, path=/dev/log}, 10) = -1 EBADF (Bad file
descriptor)
// Reclosing it ? ok ... why not as we don't know that it were closed.
close(3)= -1 EBADF (Bad file descriptor)
// Trying another socket type, cause first try failed, but failed cause the
close(), it may have not been closed and have succeed. So this try may no
apprear normally :
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path=/dev/log}, 10) = -1 EPROTOTYPE (Protocol
wrong type for socket)
--
resolution: invalid -
status: closed - open
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17981
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Carlos Nepomuceno added the comment: Ok! Thanks a lot! -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17992] test_asynchat hangs
Roundup Robot added the comment: New changeset 3ee61b048173 by Giampaolo Rodola' in branch 'default': Issue #17992: Add timeouts to asyncore and asynchat tests so that they won't accidentally hang. http://hg.python.org/cpython/rev/3ee61b048173 -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17992 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17206] Py_XDECREF() expands its argument multiple times
Amaury Forgeot d'Arc added the comment: The last patch (17206-3.diff) has tests for the 4 macros, and looks good to me. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17206 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: In GnuTLS, _gnutls_hostname_compare() (lib/gnutls_str.c) uses a trivial recursive approach with a maximum number of 5 wildcards. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17914] add os.cpu_count()
Giampaolo Rodola' added the comment: +1 for returning None. I haven't looked into patches but if needed feel free to borrow some code from psutil: Linux: https://code.google.com/p/psutil/source/browse/psutil/_pslinux.py?spec=svn30f3c67322f99ab30ed87205245dc8394f89f0acr=c970f35bc9640ac32eb9f09de8c230e7f86a2466#44 BSD / OSX: https://code.google.com/p/psutil/source/browse/psutil/_psutil_bsd.c?spec=svn30f3c67322f99ab30ed87205245dc8394f89f0acr=9b6e780ea6b598a785670c2626c7557f9fef9238#486 Windows: https://code.google.com/p/psutil/source/browse/psutil/_psutil_mswindows.c?spec=svn30f3c67322f99ab30ed87205245dc8394f89f0acr=4d5b0de27024e9d3cd6a3573a493290498afa9c2#426 SunOS: https://code.google.com/p/psutil/source/browse/psutil/_pssunos.py?spec=svnff76a4e33da359162c28f8c7478f9e6c6dff347bname=sunosr=d53e11edfbe18d22f4e08168f72b1952cfaef373#27 -- nosy: +giampaolo.rodola ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17914 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17988] ElementTree.Element != ElementTree._ElementInterface
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17988 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17989] ElementTree.Element broken attribute setting
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever versions: +Python 3.4 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17989 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8604] Adding an atomic FS write API
Barry A. Warsaw added the comment: Of course, I have my own atomic-rename thing, but I'm not going to post the code here. It's fairly limited to my own use case and I have no interest in making it cross platform. That being said, I personally found that a context manager with a signature identical to built-in open() was the most convenient API. It looks natural: with atomic(filename, 'w', encoding='utf-8') as fp: data = do_a_bunch_of_things_that_might_fail() fp.write(data) If any of that fails, the temporary file is guaranteed to be cleaned up, otherwise, filename (which is the ultimate destination) will be guaranteed to exist. Another reason why context managers are useful is with ExitStack(), where you might have a bunch of conditions that you want to guarantee get cleaned up properly if any of them fail. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8604 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17994] Change necessary in platform.py to support IronPython
New submission from Ian Cordasco: Stemming from a StackOverflow question[1] and a conversation with Marc-Andre Lemburg via email, I'm filing this issue without any easy way of confirming it myself. It seems that the logic in platform.python_implementation() has been obsoleted by a change made in IronPython. As it is now, it checks that the slice, sys.version[:10], is IronPython. Seemingly due to a change in IronPython, this no longer is a correct condition for checking that the implementation is IronPython. I'm trying to work with the question author on StackOverflow to provide the relevant debugging information to fix this, but it is taking a while to get responses. Without his repr(sys.version) I can't submit a patch with this issue. I've also only tagged Python 2.7 since I have no way of knowing if this occurs with Python 3.x or anything earlier. [1]: http://stackoverflow.com/questions/16545027/ironpython-error-in-url-request?noredirect=1#comment23828551_16545027 -- components: Library (Lib), Windows messages: 189383 nosy: icordasc, lemburg priority: normal severity: normal status: open title: Change necessary in platform.py to support IronPython versions: 3rd party, Python 2.7 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17994 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17994] Change necessary in platform.py to support IronPython
Changes by Brian Curtin br...@python.org: -- nosy: +brian.curtin stage: - test needed type: - behavior ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17994 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17994] Change necessary in platform.py to support IronPython
Changes by Antoine Pitrou pit...@free.fr: -- nosy: +dino.viehland ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17994 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue15758] FileIO.readall() has worst case O(n^2) complexity
Richard Oudkerk added the comment: I have done an updated patch. It no longer special cases Windows, so realloc() is always used for enlarging the buffer (except when fstat() is missing). Antoine, do you think this is ready to commit? -- Added file: http://bugs.python.org/file30287/readall.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue15758 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue15758] FileIO.readall() has worst case O(n^2) complexity
Changes by Richard Oudkerk shibt...@gmail.com: Removed file: http://bugs.python.org/file26986/readall-benchmark.py ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue15758 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by Jeffrey C. Jacobs timeho...@users.sourceforge.net: -- nosy: +timehorse ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17222] py_compile.compile() explicitly sets st_mode for written files
Changes by Barry A. Warsaw ba...@python.org: -- nosy: +barry ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17222 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17222] py_compile.compile() explicitly sets st_mode for written files
Barry A. Warsaw added the comment: Antoine says: Ah, right. Well, there would be an argument not to use os.replace() in py_compile, since it's an offline processing step which generally shouldn't race with another (online) processing step. But I think that's not necessarily true. http://mail.python.org/pipermail/python-dev/2013-May/126241.html -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17222 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Vinay Sajip added the comment: I see what you're saying now, but there's no explicit close in logging, so it's coming from somewhere lower down. Let's examine what happens when we try to emit the record: - def emit(self, record): (Pdb) /usr/lib/python2.7/logging/handlers.py(791)emit() - msg = self.format(record) + '\000' (Pdb) n /usr/lib/python2.7/logging/handlers.py(796)emit() - prio = '%d' % self.encodePriority(self.facility, (Pdb) n /usr/lib/python2.7/logging/handlers.py(797)emit() - self.mapPriority(record.levelname)) (Pdb) n /usr/lib/python2.7/logging/handlers.py(799)emit() - if type(msg) is unicode: (Pdb) n /usr/lib/python2.7/logging/handlers.py(803)emit() - msg = prio + msg (Pdb) n /usr/lib/python2.7/logging/handlers.py(804)emit() - try: (Pdb) p msg '14world!\x00' (Pdb) n /usr/lib/python2.7/logging/handlers.py(805)emit() - if self.unixsocket: (Pdb) n /usr/lib/python2.7/logging/handlers.py(806)emit() - try: (Pdb) n /usr/lib/python2.7/logging/handlers.py(807)emit() == Here is where we try to send the message == - self.socket.send(msg) (Pdb) n error: (9, 'Bad file descriptor') /usr/lib/python2.7/logging/handlers.py(807)emit() - self.socket.send(msg) (Pdb) s /usr/lib/python2.7/logging/handlers.py(808)emit() == It failed, as expected, so we go to the exception handler. == - except socket.error: (Pdb) /usr/lib/python2.7/logging/handlers.py(809)emit() == We are going to try and connect again. == - self._connect_unixsocket(self.address) (Pdb) s --Call-- /usr/lib/python2.7/logging/handlers.py(737)_connect_unixsocket() - def _connect_unixsocket(self, address): (Pdb) /usr/lib/python2.7/logging/handlers.py(738)_connect_unixsocket() - self.socket = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) == Created the socket at line 738. Line 739 is a comment. == (Pdb) n /usr/lib/python2.7/logging/handlers.py(740)_connect_unixsocket() - try: (Pdb) n /usr/lib/python2.7/logging/handlers.py(741)_connect_unixsocket() - self.socket.connect(address) (Pdb) n error: (9, 'Bad file descriptor') == Line 740 is a try: statement. At line 741, called connect, got an EBADF, and there's no intervening call to close(). == /usr/lib/python2.7/logging/handlers.py(741)_connect_unixsocket() - self.socket.connect(address) (Pdb) n /usr/lib/python2.7/logging/handlers.py(742)_connect_unixsocket() - except socket.error: (Pdb) n /usr/lib/python2.7/logging/handlers.py(743)_connect_unixsocket() - self.socket.close() == This close is just trying to tidy up in the exception handler. == (Pdb) n /usr/lib/python2.7/logging/handlers.py(744)_connect_unixsocket() - self.socket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) == We'll try to open using TCP, which will fail. == To summarise: line 738 is a call to socket.socket(AF_UNIX, SOCK_DGRAM) line 739 is a comment # syslog may require either ... line 740 is a try: line 741 is a call to socket.connect(address) There is no close() called by logging between socket.socket() and socket.connect(), so the close seems to be coming from inside one of those two calls to the socket module. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17981 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17732] distutils.cfg Can Break venv
Roundup Robot added the comment: New changeset d62f71bd2192 by Brian Curtin in branch '3.3': Add Nick Sloan for his contribution to #17732 http://hg.python.org/cpython/rev/d62f71bd2192 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17732 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17222] py_compile.compile() explicitly sets st_mode for written files
Antoine Pitrou added the comment: Ah, right. Well, there would be an argument not to use os.replace() in py_compile, since it's an offline processing step which generally shouldn't race with another (online) processing step. But I think that's not necessarily true. http://mail.python.org/pipermail/python-dev/2013-May/126241.html Ha :) Then you know which kind of patch you have to try. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17222 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Vinay Sajip added the comment:
We'll try this with a simple script which doesn't use logging at all:
import os
import socket
MSG1 = '14Hi, \x00'
MSG2 = '14there!\x00'
sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
sock.connect('/dev/log')
sock.send(MSG1)
os.close(sock.fileno()) # what daemonizing does
try:
sock.send(MSG2)
except socket.error as e:
print(e)
print('Trying to reconnect:')
sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
try:
sock.connect('/dev/log')
except socket.error as e:
print('Oh look, reconnecting failed: %s' % e)
When we run this, we get:
[Errno 9] Bad file descriptor
Trying to reconnect:
Oh look, reconnecting failed: [Errno 9] Bad file descriptor
And the strace output looks like this:
socket(PF_FILE, SOCK_DGRAM, 0) = 3
connect(3, {sa_family=AF_FILE, path=/dev/log}, 10) = 0
sendto(3, 14Hi, \0, 9, 0, NULL, 0) = 9
===
The next close() is the os.close(sock.fileno())
===
close(3)= 0
sendto(3, 14there!\0, 11, 0, NULL, 0) = -1 EBADF (Bad file descriptor)
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7fc4a90e5000
write(1, [Errno 9] Bad file descriptor\n, 30) = 30
write(1, Trying to reconnect:\n, 21) = 21
socket(PF_FILE, SOCK_DGRAM, 0) = 3
===
Created the socket via a call to socket.socket().
===
close(3)= 0
===
No idea where this close() comes from, but it's
the same as in the logging case.
===
connect(3, {sa_family=AF_FILE, path=/dev/log}, 10) = -1 EBADF (Bad file
descriptor)
===
connect() fails, just as in the logging case.
===
write(1, Oh look, reconnecting failed: [E..., 60) = 60
So, while it seems to be a bug, it's not a logging bug. It seems to be
connected to the fact that os.close() closes the socket fd out from under the
socket object, which somehow then causes a close() to be called...
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17981
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17995] report,中 高 层 管 理 技 能158766
New submission from Nobody/Anonymous: report,您好! $$ 158766中 坚 力 量 6 堂 课158766 5月18-19日 北 京 05月25-26日 上 海 6月08-09日 深 圳 热 线 电 话 : 4 0 0 7 0 5 0 5 1 9 $$ 2013-05-1701:29:41 -- messages: 189390 nosy: nobody priority: normal severity: normal status: open title: report,中 高 层 管 理 技 能158766 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17995 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Tim Peters added the comment: Wildcard matching can easily be done in worst-case linear time, but not with regexps. doctest.py's internal _ellipsis_match() shows one way to do it (doctest can use ... as a wildcard marker). -- nosy: +tim_one ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17995] report,中 高 层 管 理 技 能158766
Changes by Fred L. Drake, Jr. fdr...@gmail.com: -- resolution: - rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17995 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17928] PowerLinux getargs.c FETCH_SIZE endianness bug
jan matejek added the comment: The fix causes regression on my 64bit little-endian machine. It seems that while parsing the arguments, the length value overwrites part of the string pointer. -- nosy: +matejcik ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17928 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17732] distutils.cfg Can Break venv
Georg Brandl added the comment: Thanks for the attribution, that was definitely an oversight on my part. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17732 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17943] AttributeError: 'long' object has no attribute 'release' in Queue.put()
Georg Brandl added the comment: We've now found a wrongful section in C code releasing the GIL in spite of calling Python malloc functions, and I'm going to blame this failure on that. -- resolution: - rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17943 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17928] PowerLinux getargs.c FETCH_SIZE endianness bug
jan matejek added the comment: hmm, but it's caused by a private patch claiming that _testcapimodule.c is PY_SSIZE_T_CLEAN. sorry for the noise. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17928 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Christian Heimes added the comment: We could use an algorithm that doesn't need regexp for most cases. pseudo code: value = value.lower() hostname = hostname.lower() if '*' not in value: return value == hostname vparts = valuesplit(.) hparts = hostname.split(.) if len(vparts) != len(hparts): # * doesn't match a dot return False for v, h in zip(vparts, hparts): if v == *: # match any host part continue asterisk = v.count(*) if asterisk == 0: if v != h: return False elif asterisk == 1: # match with simple re else: # don't support more than one * in a FQDN part raise TooManyAsterisk -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Richard Oudkerk added the comment: The line sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) overwrites the old broken socket with a new one with the same fd. The old socket's destructor closes the fd of the new socket. -- nosy: +sbt ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17981 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: Wildcard matching can easily be done in worst-case linear time, but not with regexps. doctest.py's internal _ellipsis_match() shows one way to do it (doctest can use ... as a wildcard marker). Thanks, this may be a nice enhancement for 3.4. For 3.2 and 3.3, I'd prefer to go the safe way of simply limiting the number of wildcards. If OpenSSL only accepts one per fragment, accepting one or two is certainly fine for Python as well :-) -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou added the comment: Here is a patch allowing at most 2 wildcards per domain fragment. Georg, do you think this should go into 3.2? -- keywords: +patch nosy: +georg.brandl Added file: http://bugs.python.org/file30288/ssl_wildcard_dos.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Vinay Sajip added the comment: The old socket's destructor closes the fd of the new socket. Aha! Nice one. But what's the correct fix? I suppose a self.sock = None before every self.sock = socket.socket call would fix seem this, and while I can certainly make this change in SysLogHandler, isn't this a more general problem? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17981 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Georg Brandl added the comment: It's certainly a security fix, but probably not one that warrants an immediate release. If you commit it to the 3.2 branch, that's fine, it will get picked up by coming releases. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17545] os.listdir and os.path.join inconsistent on empty path
W. Owen Parry added the comment:
I started working on a patch for this, but the more I think about it the less I
am convinced it is wanted.
The issue requests that os.listdir('') be equal to os.listdir('.')
The given example of os.path.join doesn't follow this:
os.path.join('','aaa')
'aaa'
os.path.join('.','aaa')
'.\\aaa'
This makes sense: prepending an empty path should be a no-op, while prepending
the current directory has a different meaning.
It seems consistent in this case that listing an empty path and listing the
current directory should have different meanings.
Is there any other traction/use case for this change?
--
nosy: +woparry
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17545
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Richard Oudkerk added the comment: Rather than self.sock = None I would do self.sock.close() which should work better for non-refcounted Pythons. Of course it would be better to do this immediately after forking (i.e. before any more fds are created), otherwise you could still accidentally zap the fd of some other object. If you can't do this immediately after forking then maybe it is better to move inherited potentially broken objects to a garbage list to prevent garbage collection. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17981 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Changes by STINNER Victor victor.stin...@gmail.com: -- nosy: +haypo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17964] os.sysconf(): return type of the C function sysconf() is long, not int
Roundup Robot added the comment: New changeset 7c60cf756097 by Victor Stinner in branch 'default': Issue #17964: Fix os.sysconf(): the return type of the C sysconf() function http://hg.python.org/cpython/rev/7c60cf756097 -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17964 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1662581] the re module can perform poorly: O(2**n) versus O(n**2)
Gregory P. Smith added the comment: The recommendation for anyone using regular expressions on hostile input is to (a) don't do that. (b) use a better regexp without this possible behavior and (c) use something like re2 (there's a Python binding at https://github.com/axiak/pyre2) which is a regular expression engine that this cannot happen to. fixing this within python requires a complete rewrite and replacement of the re module with one that uses a different approach. see the other work on the MRAB regex module and discussion surrounding that. that is a non trivial task and it is fixing other more important things (unicode correctness!) than this... Given that, I don't actually expect this issue to ever be fixed. IMNSHO: People shouldn't abuse regexes and get themselves into this situation in the first place. ;) discussion should really happen on python-ideas. -- resolution: - wont fix status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue1662581 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17964] os.sysconf(): return type of the C function sysconf() is long, not int
STINNER Victor added the comment: The bug does also exist in Python 2.7, 3.2 and 3.3, but I prefer to not fix it in these versions because I'm not 100% sure that the return type is long on all platforms and because nobody noticed the issue since years. So if I broke something, I prefer to only break the development branch ;-) I applied the fix to Python 3.4 and so I'm closing the issue. -- resolution: - fixed status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17964 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Gregory P. Smith added the comment: Indeed, doing this _without a regexp_ is preferred. :) -- nosy: +gregory.p.smith ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17980 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue15758] FileIO.readall() has worst case O(n^2) complexity
Antoine Pitrou added the comment: I posted a couple of review comments. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue15758 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17700] Update Curses HOWTO for 3.4
STINNER Victor added the comment: Applied to 3.3 and 3.4. I'll leave this issue open for a week so that Victor can comment on Unicode/wide-characters. I don't know (n)curses, but I tried to improve the curses module of Python. I added an encoding attribute which is the locale encoding by default, so it should work without special configuration. But it's good to know what the default encoding is. (It was UTF-8 on older Python 3 release, maybe in Python 3.3.) I also added functions like unget_wch() and get_wch(). The problem is that unget_wch() and get_wch() are not always available, it depends on the platform. If I remember correctly, it depends if libreadline is linked to libncursesw (and not libncurses). Ah yes, and the Python curses modules uses Unicode versions of C curses functions if available. It is still possible to use thes bytes versions if you pass bytes strings. For example: * window.addstr(abc): use *add_wstr() functions if available, *addstr() otherwise * window.addstr(babc): always use *addstr() functions I don't know enough the C libncursesw library to write an HOWTO or something like that. I just would like to say that you should prefer get_wch() over getch() if get_wch() is available. But I don't understand exactly how curses behave with control characters (keys?) like up or left. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17700 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17931] PyLong_FromPid() is not correctly defined on Windows 64-bit
STINNER Victor added the comment: @Antoine (author of the commit fixing #1983): any opinion? -- nosy: +pitrou ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17931 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17931] PyLong_FromPid() is not correctly defined on Windows 64-bit
Antoine Pitrou added the comment: Sounds fine to me, but perhaps better test the patch before committing? (or wait for the buildbots to crash) -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17931 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17917] use PyModule_AddIntMacro() instead of PyModule_AddIntConstant() when applicable
STINNER Victor added the comment: ins_macro-2.diff looks good to me, go ahead! -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17917 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17952] editors-and-tools section of devguide does not appear to be accurate
Roundup Robot added the comment: New changeset 3d523f0c0a9d by Ned Deily in branch 'default': Add comment about avoiding --enable-shared for uninstalled builds. This should also cause the resources ref link in the Editors and Tools section to be updated (Issue17952). http://hg.python.org/devguide/rev/3d523f0c0a9d -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17952 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17931] PyLong_FromPid() is not correctly defined on Windows 64-bit
STINNER Victor added the comment: Oh, I just noticed the following check in pyport.h: #if SIZEOF_PID_T SIZEOF_LONG # error Python doesn't support sizeof(pid_t) sizeof(long) #endif I don't understand this test, longobject.h contains: #elif defined(SIZEOF_LONG_LONG) SIZEOF_PID_T == SIZEOF_LONG_LONG #define _Py_PARSE_PID L #define PyLong_FromPid PyLong_FromLongLong #define PyLong_AsPid PyLong_AsLongLong I suppose that this path was never tested before. Here is a new patch removing the check from pyport.h, longobject.h already fails if SIZEOF_PID_T value is not supported: #else #error sizeof(pid_t) is neither sizeof(int), sizeof(long) or sizeof(long long) #endif /* SIZEOF_PID_T */ -- Added file: http://bugs.python.org/file30289/win_sizeof_pid_t-2.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17931 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17742] Add _PyBytesWriter API
STINNER Victor added the comment: _PyBytesWriter API makes the code slower and does not really reduce the number of lines, so I'm closing this issue as invalid. -- resolution: - invalid status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17742 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17952] editors-and-tools section of devguide does not appear to be accurate
Ned Deily added the comment: Thanks for the report. To resolve Issue17820, the target of the link in setup#editors-and-tools was changed from the Key Resources section to the Additional Resources section. However, because the setup page itself was not modified, it was not automatically rebuilt and the old section name remained. I added an unrelated change to the setup page to cause the page to be regenerated; it now shows the correct section name in the link. -- nosy: +ned.deily resolution: - fixed stage: - committed/rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17952 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17981] SysLogHandler closes connection before using it
Roundup Robot added the comment: New changeset d91da96a55bf by Vinay Sajip in branch '2.7': Issue #17981: Closed socket on error in SysLogHandler. http://hg.python.org/cpython/rev/d91da96a55bf New changeset 590b865aa73c by Vinay Sajip in branch '3.3': Issue #17981: Closed socket on error in SysLogHandler. http://hg.python.org/cpython/rev/590b865aa73c New changeset f2809c7a7c3c by Vinay Sajip in branch 'default': Closes #17981: Merged fix from 3.3. http://hg.python.org/cpython/rev/f2809c7a7c3c -- nosy: +python-dev resolution: - fixed stage: - committed/rejected status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17981 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17870] Python does not provide PyLong_FromIntMax_t() or PyLong_FromUintMax_t() function
STINNER Victor added the comment:
Oh, the sqlite3 module has an interesting function:
PyObject *
_pysqlite_long_from_int64(sqlite_int64 value)
{
#ifdef HAVE_LONG_LONG
# if SIZEOF_LONG_LONG 8
if (value PY_LLONG_MAX || value PY_LLONG_MIN) {
return _PyLong_FromByteArray(value, sizeof(value),
IS_LITTLE_ENDIAN, 1 /* signed */);
}
# endif
# if SIZEOF_LONG SIZEOF_LONG_LONG
if (value LONG_MAX || value LONG_MIN)
return PyLong_FromLongLong(value);
# endif
#else
# if SIZEOF_LONG 8
if (value LONG_MAX || value LONG_MIN) {
return _PyLong_FromByteArray(value, sizeof(value),
IS_LITTLE_ENDIAN, 1 /* signed */);
}
# endif
#endif
return PyLong_FromLong(value);
}
If PyLong_FromIntMax_t() is implemented, this function may be simply removed
(and replaced with PyLong_FromIntMax_t).
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17870
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
