[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module
Gregory P. Smith added the comment: looking around it appears you've proposed an independent implementation of this for the thir party brotli module? https://github.com/google/brotli/pull/856 that is what i mean about making this reusable :) -- ___ Python tracker <https://bugs.python.org/issue41486> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module
Gregory P. Smith added the comment: I left some review comments on the PR. I like the algorithm being used. I don't really _like_ that this is a .h file acting as a C template to inject effectively the same static code into each module that wants to use it... Which I think is the concern Victor is expressing in a comment above. I could live with this PR as is because it is at least easy to maintain. But I anticipate we'll want to refactor it in the future to be shared code instead of a copy compiled per module. This is the kind of thing that also makes sense to be usable outside of just these modules. Compression modules for the other popular compression algorithms currently not in the stdlib but available on PyPI shouldn't need to reinvent this wheel on their own without reason. (lzo, brotli, zstandard, no doubt others...) It is also worth looking at those to see if they've already implemented something like this and how it differs. -- ___ Python tracker <https://bugs.python.org/issue41486> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43808] Add .isfloat() method to str
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue43808> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43776] Popen with shell=True yield mangled repr output
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith versions: +Python 3.10 ___ Python tracker <https://bugs.python.org/issue43776> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40701] tempfile mixes str and bytes in an inconsistent manner
Gregory P. Smith added the comment: New changeset e05a703848473b0365886dcc593cbddc46609f29 by Gregory P. Smith in branch 'master': bpo-40701: doc typo historcal -> historical (GH-25334) https://github.com/python/cpython/commit/e05a703848473b0365886dcc593cbddc46609f29 -- ___ Python tracker <https://bugs.python.org/issue40701> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40701] tempfile mixes str and bytes in an inconsistent manner
Change by Gregory P. Smith : -- pull_requests: +24068 pull_request: https://github.com/python/cpython/pull/25334 ___ Python tracker <https://bugs.python.org/issue40701> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue37251] Mocking a MagicMock with a function spec results in an AsyncMock
Change by Gregory P. Smith : -- resolution: fixed -> stage: resolved -> needs patch status: closed -> open ___ Python tracker <https://bugs.python.org/issue37251> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43478] Disallow Mock spec arguments from being Mocks
Gregory P. Smith added the comment: New changeset dccdc500f9b5dab0a20407ae0178d393796a8828 by Matthew Suozzo in branch 'master': bpo-43478: Restrict use of Mock objects as specs (GH-25326) https://github.com/python/cpython/commit/dccdc500f9b5dab0a20407ae0178d393796a8828 -- ___ Python tracker <https://bugs.python.org/issue43478> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40701] tempfile mixes str and bytes in an inconsistent manner
Gregory P. Smith added the comment: Fixed for 3.10. Marking as a release blocker for 3.9 and assigning for a release manager decision on if they accept this change (the PR) as a bugfix in 3.9 or not. (see the PR) It is late enough in 3.8's lifetime I wouldn't touch that one. -- assignee: gregory.p.smith -> lukasz.langa nosy: +lukasz.langa priority: normal -> release blocker versions: -Python 3.10, Python 3.7, Python 3.8 ___ Python tracker <https://bugs.python.org/issue40701> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43725] Create a release branch ABI stability regression test
Gregory P. Smith added the comment: Ideally we'd analyze for a representative set of major platforms we ship binaries on. 32-bit and 64-bit Linux are a start, but we should assume that at least windows and linux toolchains may be different and toss in an additional CPU architecture as default alignment constraints could differ. But getting to that level can remain future work... I'm happy libabigail exists! -- ___ Python tracker <https://bugs.python.org/issue43725> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43684] Add combined opcodes
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43684> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue41486> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17305] IDNA2008 encoding is missing
Gregory P. Smith added the comment: My PR merely adds a note to the docs linking to idna on pypi. Don't get excited, it doesn't implement anything. :P re "Once Python has a working idna2008 encoder, we need to address integration into socket, ssl, http, and asyncio module." ... doing that _could_ be the same can of worms the browsers all had to go through? We'd need to decide which behavior we wanted; pure? or matching what browsers do? I suspect that is equivalent to the pypi idna https://github.com/kjd/idna 's uts46=True + transitional=True mode [*] but anyone doing this work would need to figure that out for sure if we wanted to default to behaving like browsers with the transitional compatibility mode. That there is a need for a couple options on top of idna2008 as an encoding suggests it may not be a great fit for the Python codecs encodings system as those use a single string name. We'd need to permute the useful possible combos of flag behavior in the names. idna2003, idna2008, idna2008uts46, idna2008uts46transitional, and other combos of those if alternate combinations are deemed relevant. I worry that a browser-transitional-behavior-matching situation may change over time as TLDs decide when to change their policies. Is that an irrational fear? Browsers are well equipped to deal with this as they've got frequent updates. A PyPI package could as well. [*] Browser history: fwiw people wondering _why_ browsers like Chrome and Firefox don't "just blindly use idna2008 for everything" should go read the backwards compatibility transitional rationale and security concerns in https://bugs.chromium.org/p/chromium/issues/detail?id=61328 and https://bugzilla.mozilla.org/show_bug.cgi?id=479520 (caution: be ready to filter out the random internet whiners from those threads) -- ___ Python tracker <https://bugs.python.org/issue17305> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17305] IDNA2008 encoding is missing
Change by Gregory P. Smith : -- keywords: +patch nosy: +gregory.p.smith nosy_count: 15.0 -> 16.0 pull_requests: +23948 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/25208 ___ Python tracker <https://bugs.python.org/issue17305> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43725] Create a release branch ABI stability regression test
Gregory P. Smith added the comment: Indeed. In particular given the 3.9.3 issue I was assuming such a test should include asserting both the sizeof() ABI structs and offsetof() public members of all ABI structs. On each specific first class supported platform. This goes beyond what https://www.python.org/dev/peps/pep-0652/#testing-the-stable-abi currently states to check size and layout rather than just symbol presence. But seems to match the intent. -- ___ Python tracker <https://bugs.python.org/issue43725> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43725] Create a release branch ABI stability regression test
New submission from Gregory P. Smith : In order to automate prevention of ABI regressions in stable releases, we could create an automated ABI stability test generator and check the specific ABI test it generates into each specific release branch. I'm envisioning the main branch only having a code generator that creates such a test, and the release branches only having the output of that as Lib/tests/release_X_Y_ABI_stability_test.py and a policy of never updating that within a release branch without *extreme* attention to detail. Such updates wouldn't happen by default in our current workflow as they're unique and versioned in every release branch so automated backport PRs wouldn't touch them - leaving CI to run them and highlight failures on attempted backports to do inadvertently cause an ABI shift. -- components: Build, C API, Interpreter Core, Tests messages: 390173 nosy: gregory.p.smith priority: normal severity: normal stage: needs patch status: open title: Create a release branch ABI stability regression test type: enhancement versions: Python 3.10, Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue43725> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43710] Access violations in C extension modules on Python 3.9.3
Gregory P. Smith added the comment: I really suggest a simple rollback (revert) of the change rather than a redo-fix for 3.9.4. Unless you like the idea of a possible 3.9.5 if the redo-fix itself has issues that haven't been given due thought in the rush to undo the 3.9.3 mistake. This leaves more time for a proper fix of bpo-42500 in 3.9 not crafted under duress. -- ___ Python tracker <https://bugs.python.org/issue43710> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42500] crash with unbounded recursion in except statement
Change by Gregory P. Smith : -- nosy: +gregory.p.smith nosy_count: 7.0 -> 8.0 pull_requests: +23921 pull_request: https://github.com/python/cpython/pull/25179 ___ Python tracker <https://bugs.python.org/issue42500> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43710] Access violations in C extension modules on Python 3.9.3
Change by Gregory P. Smith : -- nosy: +gregory.p.smith nosy_count: 7.0 -> 8.0 pull_requests: +23920 pull_request: https://github.com/python/cpython/pull/25179 ___ Python tracker <https://bugs.python.org/issue43710> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42914] pprint numbers with underscore
Gregory P. Smith added the comment: Thanks for the contribution Stéphane! I agree that this would be a nice default. We're just being conservative in the pace of default behavior changes. Changing the default could be considered in the future after a few releases with this parameter have shipped. -- resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue42914> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42914] pprint numbers with underscore
Gregory P. Smith added the comment: New changeset 3ba3d513b1e3c63d09cb798b982a9e6c369cea4c by sblondon in branch 'master': bpo-42914: add a pprint underscore_numbers option (GH-24864) https://github.com/python/cpython/commit/3ba3d513b1e3c63d09cb798b982a9e6c369cea4c -- ___ Python tracker <https://bugs.python.org/issue42914> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue33240] shutil.rmtree fails if inner folder is open in Windows Explorer
Gregory P. Smith added the comment: oh, I missed that a notification happens to the other process(es) in a common case, a bit of retrying with backoff would actually make sense there. But I wouldn't let a retry run for longer than a second or three, as code tends to assume that rmtree is pretty quick and if something is going to close asynchronously, it should close quickly. -- ___ Python tracker <https://bugs.python.org/issue33240> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42914] pprint numbers with underscore
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42914> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue32592] Drop support of Windows Vista and Windows 7
Change by Gregory P. Smith : -- title: Drop support of Windows Vista and 7 in Python 3.9 -> Drop support of Windows Vista and Windows 7 type: -> enhancement ___ Python tracker <https://bugs.python.org/issue32592> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42917] Block stack size for frame objects should be dynamically sizable
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42917> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43080] pprint for dataclass instances
Gregory P. Smith added the comment: +0.5 I lean towards just accepting this under the conditions Eric describes given that dataclass is a stdlib concept and nobody is likely to claim that such output from pprint is a bad thing. The larger "some form of protocol for pprint to work on all sorts of other things" issue (regardless of how) remains a long term wish list item that'll probably wind up in PEP land if someone wants to take it on. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43080> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43542] Add image/heif(heic) to list of media types in mimetypes.py
Change by Gregory P. Smith : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue43542> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43542] Add image/heif(heic) to list of media types in mimetypes.py
Gregory P. Smith added the comment: New changeset 20a5b7e986377bdfd929d7e8c4e3db5847dfdb2d by Ilya Stepin in branch 'master': bpo-43542: Add heif/heic formats in mimetypes (GH-24917) https://github.com/python/cpython/commit/20a5b7e986377bdfd929d7e8c4e3db5847dfdb2d -- ___ Python tracker <https://bugs.python.org/issue43542> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue38890] subprocess.Popen should not emit a ResourceWarning for a detached process
Gregory P. Smith added the comment: On POSIX the norm for anything daemonizing itself is to fork() and let the parent die so that its original process with the child pid has ended. But I'm used to this being the responsibility of the daemon process. Not the code launching the daemon. Related, a deferred PEP on supporting any form of daemon stuff in the stdlib: https://www.python.org/dev/peps/pep-3143/ along with https://pypi.org/project/python-daemon/ and a plethora of other daemon/daemonize related PyPI libraries. Those tend to be about implement proper become a daemon behavior in Python processes themselves. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue38890> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue33240] shutil.rmtree fails if inner folder is open in Windows Explorer
Gregory P. Smith added the comment: Isn't this just "how windows behaves" on some filesystems with little that we can do about it? The only real action item I can see here is that if it is _reasonable_ for us to detect the situation and improve the error message, that'd help the users (and reduce bugreports like this). Otherwise I suggest closing it as wont fix / working as the platform intends. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue33240> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43535] Make str.join auto-convert inputs to strings.
Gregory P. Smith added the comment: There is a lot of doubt. That should clearly raise an exception because this function is intended to only operate on strings. Trivial types examples like that gloss over the actual problem. data_from_some_computations = [b"foo", b"bar"] # probably returned by a function ... later on, some other place in the code ... colon_sep_data = ":".join(data_from_some_computations) I guarantee you that 99.999% of the time everyone wants an exception there instead of their colon_sep_data to contain `b"foo":b"bar"`. Implicit conversions always lead to hard to pin down bugs. An exception raised at the source of the problem is very easy to debug in comparison. -- ___ Python tracker <https://bugs.python.org/issue43535> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43542] Add image/heif(heic) to list of media types in mimetypes.py
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith versions: +Python 3.10 ___ Python tracker <https://bugs.python.org/issue43542> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue37871] Windows: WindowsConsoleIO produces mojibake for strings longer than 32 KiB
Gregory P. Smith added the comment: Steve's approach makes sense and should be robust. side note: do we need to care about Windows 7 anymore in 3.10 given that microsoft no longer supports it? -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue37871> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43487] Rename __unicode__ methods to __str__ in 2to3 conversion
Gregory P. Smith added the comment: We're not accepting anything new into lib2to3 anymore as it is deprecated and slated for eventual removal. I recommend putting any fixers you develop up as on PyPI as package(s) for others to use. -- nosy: +gregory.p.smith resolution: -> rejected stage: patch review -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue43487> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue29178] Adding bytes.frombuffer(byteslike) constructor
Change by Gregory P. Smith : -- stage: -> patch review versions: -Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue29178> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue27602] Enable py launcher to launch repository Python.
Change by Gregory P. Smith : -- nosy: +brett.cannon ___ Python tracker <https://bugs.python.org/issue27602> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43571] Add option to create MPTCP sockets
Gregory P. Smith added the comment: Thanks for the contribution! Simple constant addition. I ignored the contributor CLA status as a result. There's only one way to write this non-logic plumbing. -- assignee: -> gregory.p.smith resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue43571> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43571] Add option to create MPTCP sockets
New submission from Gregory P. Smith : New changeset b05b48dd7ab68bf0046356f2abd6d7fe3b5b3d77 by Rui Cunha in branch 'master': bpo-43571: Add IPPROTO_MPTCP macro (GH-24946) https://github.com/python/cpython/commit/b05b48dd7ab68bf0046356f2abd6d7fe3b5b3d77 -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43571> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43520] Make Fraction(string) handle non-ascii slashes
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue43520> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43520] Make Fraction(string) handle non-ascii slashes
Gregory P. Smith added the comment: The proposal I like is for a unicode numeric normalization functions that return the ascii equivalent to exist. These ideally belong in a third party PyPI library anyways, as they're the kind of thing that needs updating every time a new unicode revision comes out. And there are often multiple cultural interpretations for some symbols, despite any standard, so you'd wind up with a variety of functions and options for which behavior to obtain. That isn't the kind of thing that make for a good stdlib. Doing this by default within the language syntax itself (and thus stdlib constructors) is potentially dangerous and confusing as everything in existence in the world today that processes Python source code already has baked in single-ascii-token assumptions. While parsing and tooling could be evolved for that, it'd be a major ecosystem impacting change. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43520> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43517] Fix false positives in circular import detection with from-imports
Gregory P. Smith added the comment: Thanks Antoine! -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43517> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43535] Make str.join auto-convert inputs to strings.
Gregory P. Smith added the comment: -10. I agree with Serhiy. Automatic type conversion is rarely a feature. It leads to silent bugs when people pass the wrong things. Be explicit. We are intentionally not one of those everything is really a string languages like Perl or Javascript. This core API behavior change is big enough to need a PEP and steering council approval. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43535> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue15533] subprocess.Popen(cwd) documentation: Posix vs Windows
Gregory P. Smith added the comment: For our subprocess docs, Eryk's text: """ For POSIX, ``executable`` should be stated as a "relative path without a slash in it" or a "relative path without a directory in it". An unqualified filename is a relative path that won't be resolved against ``cwd``, unless there's a "." entry in PATH. For Windows, the use of CreateProcess() is documented. It could be stated more explicitly that ``executable``, ``args`` / ``list2cmdline(args)``, ``env``, and ``cwd`` are passed directly to CreateProcess() as lpApplicationName, lpCommandLine, lpEnvironment, and lpCurrentDirectory. """ is quite reasonable. I wouldn't include your long notes. But a link to a MSDN article explaining that would be useful at the end of the Windows paragraph. For the POSIX case we should describe which PATH is used. The current one, or the one set in a ``env`` dict. -- ___ Python tracker <https://bugs.python.org/issue15533> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: 3.7 and 3.6 PRs updated to include a What's New entry. -- assignee: gregory.p.smith -> ned.deily priority: normal -> release blocker versions: -Python 3.10, Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: New changeset 9eda0dfff2884bf9272f37d4151ef2335f55066f by Gregory P. Smith in branch '3.8': [3.8] bpo-43285: Whats New entry for 3.8.9. (GH-24889) https://github.com/python/cpython/commit/9eda0dfff2884bf9272f37d4151ef2335f55066f -- ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: New changeset d0312cece9ce89d783687ff6dddaae6495e19fcf by Gregory P. Smith in branch '3.9': [3.9] bpo-43285: Add a What's New entry for 3.9.3. (GH-24888) https://github.com/python/cpython/commit/d0312cece9ce89d783687ff6dddaae6495e19fcf -- ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- pull_requests: +23650 pull_request: https://github.com/python/cpython/pull/24889 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- pull_requests: +23649 pull_request: https://github.com/python/cpython/pull/24888 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- pull_requests: +23648 pull_request: https://github.com/python/cpython/pull/24887 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- pull_requests: +23647 stage: commit review -> patch review pull_request: https://github.com/python/cpython/pull/24886 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: A What's New entry is a good idea. I'll make one and add it to those backport PRs. (reopened to remind me of that) ftplib docs... I don't actually want to document the attribute that people can set for the old behavior beyond the notes in NEWS or What's New. It is something I anticipate nobody in the world ever actually setting so I'd rather not imply that anyone even should by giving it more prominent doc space. Other things that have fixed this repeated bug in their program that supports ftp over the years have not added an opt-out as far as I could tell in my quick searching. -- status: closed -> open ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: 3.7 and 3.6 backport PRs created and assigned to release manager Ned for merging. -- nosy: +ned.deily resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: New changeset 664d1d16274b47eea6ec92572e1ebf3939a6fa0c by Gregory P. Smith in branch '3.8': [3.8] bpo-43285 Make ftplib not trust the PASV response. (GH-24838) (GH-24881) https://github.com/python/cpython/commit/664d1d16274b47eea6ec92572e1ebf3939a6fa0c -- ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- pull_requests: +23639 pull_request: https://github.com/python/cpython/pull/24881 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Gregory P. Smith added the comment: New changeset 0ab152c6b5d95caa2dc1a30fa96e10258b5f188e by Gregory P. Smith in branch 'master': bpo-43285 Make ftplib not trust the PASV response. (GH-24838) https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e -- ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43478] Disallow Mock spec arguments from being Mocks
Gregory P. Smith added the comment: Lets go ahead and try making this a breaking change in 3.10. If users report it causes a bunch of problems during the beta -that they don't want to address so soon- (they are all likely bugs in test suites...) we can soften it to a warning for a cycle. My hope is that we won't need to do that. -- ___ Python tracker <https://bugs.python.org/issue43478> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43478] Disallow Mock spec arguments from being Mocks
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43478> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue35278] [security] directory traversal in tempfile prefix
Change by Gregory P. Smith : -- versions: +Python 3.10, Python 3.6, Python 3.7, Python 3.9 ___ Python tracker <https://bugs.python.org/issue35278> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue41200] Add pickle.loads fuzz test
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue41200> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem
Gregory P. Smith added the comment: FWIW, I don't think we should even have a server feature in pydoc... -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42988> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib should not use the host from the PASV response
Change by Gregory P. Smith : -- title: ftplib use host from PASV response -> ftplib should not use the host from the PASV response ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib use host from PASV response
Gregory P. Smith added the comment: I'm not interested in chasing down a CVE for this myself. If anyone wants to jump through the hoops to obtain one, the text used for curl in the hackerone link is likely a good guide. My PR includes a way for people to opt-out of the secure behavior (why would anyone ever want that?) by setting the use_untrusted_server_pasv_ipv4_addr attribute to True on their ftplib.FTP instance. Setting that attribute on a server lacking this fix is a no-op, making it safe to add to code running on any version. This is an embarrassingly old widespread common issue in a large number of ftp clients. Even the 1998 IPv6 RFC https://tools.ietf.org/html/rfc2428 indirectly acknowledges its existence by disallowing the new EPSV command that replaces PASV from returning anything other than the port number while leaving fields for the other values present but empty... -- ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib use host from PASV response
Change by Gregory P. Smith : -- keywords: +patch pull_requests: +23603 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/24838 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43285] ftplib use host from PASV response
Gregory P. Smith added the comment: Indeed, the `host` on that line there should just be ignored with the IP address of the original data connection used in its place. Your https://hackerone.com/reports/1040166 link provides plenty of information and likes to prior art mitigations other ftp clients including Firefox and Chrome well over a decade ago. -- assignee: -> gregory.p.smith nosy: +gregory.p.smith stage: -> needs patch versions: +Python 3.10, Python 3.6, Python 3.7, Python 3.8 ___ Python tracker <https://bugs.python.org/issue43285> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43357] Python memory cleaning
Gregory P. Smith added the comment: CPython itself doesn't have guaranteed way to do this kind of thing. There is no tracking of which types clear memory let alone which API calls may make copies of data in places within their C that are not explicitly cleared afterwards. We do not have a plan to implement this. For data that MUST NOT remain in memory in any form anywhere as soon as code is done with it, the best thing to do is isolate all code inputting, processing, and clearing that within the confines of a lower level extension module or a short lived subprocess. -- nosy: +gregory.p.smith resolution: -> rejected stage: -> resolved status: open -> closed type: security -> enhancement versions: +Python 3.10 -Python 3.9 ___ Python tracker <https://bugs.python.org/issue43357> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue33136] Harden ssl module against CVE-2018-8970
Gregory P. Smith added the comment: yes, this was fixed. -- nosy: +gregory.p.smith resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue33136> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40763] zipfile.extractall is safe by now
Gregory P. Smith added the comment: amaajemyfren is correct (and thanks for the pointers to the original issue and discussion). The warning remains out of caution. -- nosy: +gregory.p.smith resolution: -> not a bug stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue40763> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42322] Spectre mitigations in CPython interpreter
Gregory P. Smith added the comment: Compiling everything (your entire OS and libraries and CPython itself) with compiler mitigations is recommended. I agree, there is nothing specific we need to do within CPython itself. -- nosy: +gregory.p.smith resolution: -> not a bug stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.org/issue42322> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43086] Excess data in not handled properly in binascii.a2b_base64()
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43086> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43423] Subprocess IndexError possible in _communicate
Gregory P. Smith added the comment: The bug is fixed, Thanks Chris! There was a refactoring noted as being nice in my comments on the primary main branch PR that would be nice to have. But isn't critical. If you want to make a PR for that, just reuse this bpo-43423 issue number on the PR and assign it to me. The backports to 3.9 an 3.8 are approved and should automerge after CI finishes. -- resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue43423> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43423] Subprocess IndexError possible in _communicate
Gregory P. Smith added the comment: New changeset b4fc44bb2d209182390b4f9fdf074a46b0165a2f by Chris Griffith in branch 'master': bpo-43423 Fix IndexError in subprocess _communicate function (GH-24777) https://github.com/python/cpython/commit/b4fc44bb2d209182390b4f9fdf074a46b0165a2f -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43423> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator
Gregory P. Smith added the comment: Riccardo - FWIW I agree, the wrong part of the stack was blamed and a CVE was wrongly sought for against CPython on this one. It's sewage under the bridge at this point. The API change has shipped in several different stable releases and thus is something virtually Python all code must now deal with. Why was this a bad change to make? Python's parse_qsl obeyed the prevailing HTML 4 standard at the time it was written: https://www.w3.org/TR/html401/appendix/notes.html#ampersands-in-uris ''' We recommend that HTTP server implementors, and in particular, CGI implementors support the use of ";" in place of "&" ''' That turns out to have been bad advice in the standard. 15 years later the html5 standard quoted in Adam's snyk blog post links to its text on this which leaves no room for that interpretation. In that light, the correct thing to do for this issue would be to: * Make the default behavior change in 3.10 match the html5 standard [done]. * Document that it matches the html4 standard in 3.9 and earlier without changing their default behavior [oops, too late, not done]. * While adding the ability to allow applications to select the stricter behavior on those older versions. [only sort of done, and somewhat too late now that the strict version has already shipped as stable] Afterall, the existence of html5 didn't magically fix all of the html and web applications written in the two decades of web that came before it. Ask any browser author... -- ___ Python tracker <https://bugs.python.org/issue42967> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Gregory P. Smith added the comment: I only ported this back to 3.9 as it is a bit late in 3.8's release cycle for a pure performance fix of an issue that has been around for ages. Thanks for raising the issue. The main http code already did this, the tunnel proxy code path clearly hadn't gotten much love. -- resolution: -> fixed stage: patch review -> commit review status: open -> closed versions: -Python 3.8 ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Gregory P. Smith added the comment: New changeset c25910a135c2245accadb324b40dd6453015e056 by Gregory P. Smith in branch 'master': bpo-43332: Buffer proxy connection setup packets before sending. (GH-24780) https://github.com/python/cpython/commit/c25910a135c2245accadb324b40dd6453015e056 -- ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Change by Gregory P. Smith : -- keywords: +patch pull_requests: +23545 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/24780 ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Gregory P. Smith added the comment: FYI another common socket idiom for this, specifically added for use in old HTTP 1.x servers building up responses, is setting and clearing the TCP_CORK (Linux) or TCP_NOPUSH (FreeBSD, and maybe macos? [buggy?]) socket option before and after the set of send()s you want to be optimally buffered into packets. A more modern approach (often used with TCP_CORK) is not to build up a single buffer at all. Instead use writev(). os.writev() exists in Python these days. It limits userspace data shuffling in the normal case of everything getting written. Unfortunately... this old http client code and API isn't really setup for that. Everything is required to go through the HTTPConnection.send method. And the send method is not defined to take a list of bytes objects as writev() would require. So for this code, the patch we want is just the joined bytes or BytesIO. It is the simple better change that works everywhere without getting into platform specific idioms. For modern best practices I'd look to the async frameworks instead of this older library. -- ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Change by Gregory P. Smith : -- stage: -> needs patch ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43332] Make http.client._tunnel send one byte string over the network
Gregory P. Smith added the comment: yep, that'd be a worthwhile improvement. note that the send method in that code also accepts BytesIO objects so rather than doing our own sequence of bytes and join we could just buffer in one of those. -- ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang
Gregory P. Smith added the comment: I expect zero fallout from this given the semantics. SA_ONSTACK really appears to be something that should've been the POSIX default since it was introduced as a feature in ~BSD4.2 in the early 80s. But it never was. It'll be good to have in the beta releases to see if anyone pipes up. We'll be running our interpreter inside Google with this flag enabled. -- resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue43390> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang
Gregory P. Smith added the comment: New changeset 02ac6f41e5569ec28d625bb005155903f64cc9ee by Gregory P. Smith in branch 'master': bpo-43390: Set SA_ONSTACK in PyOS_setsig (GH-24730) https://github.com/python/cpython/commit/02ac6f41e5569ec28d625bb005155903f64cc9ee -- ___ Python tracker <https://bugs.python.org/issue43390> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43403] Misleading statement about bytes not being able to represent windows filenames in documentation
New submission from Gregory P. Smith : As noted in the comment on https://github.com/rdiff-backup/rdiff-backup/issues/540#issuecomment-789485896 The Python documentation in https://docs.python.org/3/library/os.path.html makes an odd claim that bytes cannot represent all file names on Windows. That doesn't make sense. bytes can by definition represent everything. """Vice versa, using bytes objects cannot represent all file names on Windows (in the standard mbcs encoding), hence Windows applications should use string objects to access all files.""" Could we get this clarified and corrected to cover what any actual technical limitation is? Every OS is going to reject some bytes objects as a pathname for containing invalid byte sequences for their filesystem (ex: I doubt any OS allows null b'\0' characters). But lets not claim that bytes cannot represent everything on a filesystem with an encoding. -- assignee: docs@python components: Documentation messages: 388122 nosy: docs@python, gregory.p.smith, steve.dower priority: normal severity: normal stage: needs patch status: open title: Misleading statement about bytes not being able to represent windows filenames in documentation versions: Python 3.10, Python 3.7, Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue43403> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43391] The comments have invalid license information (broken Python 2.4 URL for Python 3)
Gregory P. Smith added the comment: New changeset b225d91f0a92d657d9a1b62daa53ab239c8191e3 by Kamil Turek in branch 'master': bpo-43391: Remove the broken Python 2.4 link from the comment (GH-24736) https://github.com/python/cpython/commit/b225d91f0a92d657d9a1b62daa53ab239c8191e3 -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43391> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40701] tempfile mixes str and bytes in an inconsistent manner
Gregory P. Smith added the comment: New changeset 9c7927400cd8f1d283bf7915b6b33fea81b8655d by Eric L in branch 'master': bpo-40701: tempfile mixes str and bytes in an inconsistent manner (GH-20442) https://github.com/python/cpython/commit/9c7927400cd8f1d283bf7915b6b33fea81b8655d -- ___ Python tracker <https://bugs.python.org/issue40701> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43382] github CI blocked by the Ubuntu CI with an SSL error
Gregory P. Smith added the comment: we may not need that: Closing and reopening the PR worked. I suspect the github CI "rerun" button was "rerun in the exact same config". -- ___ Python tracker <https://bugs.python.org/issue43382> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43382] github CI blocked by the Ubuntu CI with an SSL error
Gregory P. Smith added the comment: yeah i figured it might require a rebase. if anyone has the appropriate git command to do that to a branch, creating a 2-4 step CLI playbook for people to apply to pending PR branches would be useful. -- ___ Python tracker <https://bugs.python.org/issue43382> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43382] github CI blocked by the Ubuntu CI with an SSL error
Gregory P. Smith added the comment: How do I get a CI run on a PR to actually pickup this change? clicking rerun failed. -- ___ Python tracker <https://bugs.python.org/issue43382> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang
Change by Gregory P. Smith : -- type: -> resource usage ___ Python tracker <https://bugs.python.org/issue43390> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang
Change by Gregory P. Smith : -- keywords: +patch pull_requests: +23502 stage: -> patch review pull_request: https://github.com/python/cpython/pull/24730 ___ Python tracker <https://bugs.python.org/issue43390> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang
New submission from Gregory P. Smith : PyOS_setsig currently sets the struct sigaction context.sa_flags = 0 before calling sigaction. Other virtual machines such as Golang depend on signals using SA_ONSTACK such that signal handlers use a specially allocated stack that runtime sets up for reliability reasons as they use tiny stacks on normal threads. SA_ONSTACK is a no-op flag in the typical case where no sigaltstack() call has been made to setup an alternate signal handling stack. (as in 99.99% of all CPython applications) When a C/C++ extension module is linked with cgo to call into a Golang library, doing this increases reliability. As much as I try to dissuade anyone from creating and relying on hidden complexity multi-VM-hybrids in a single process like this, some people do, and this one line change helps. Golang references: https://golang.org/pkg/os/signal/#hdr-Go_programs_that_use_cgo_or_SWIG and https://go-review.googlesource.com/c/go/+/298269/ (which clarifies that SA_RESTART is no longer a requirement. Good. Because Python won't get along well with that one.) -- assignee: gregory.p.smith components: Interpreter Core messages: 388036 nosy: gregory.p.smith priority: normal severity: normal status: open title: Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang versions: Python 3.10 ___ Python tracker <https://bugs.python.org/issue43390> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43382] github CI blocked by the Ubuntu CI with an SSL error
New submission from Gregory P. Smith : https://github.com/python/cpython/pull/20442/checks?check_run_id=2018900756 ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1122) [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122) ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1122) ssl.SSLError: [SSL] internal error (_ssl.c:1122) ssl.SSLError: [SSL] called a function you should not call (_ssl.c:1122) ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1122) ssl.SSLError: [SSL: UNEXPECTED_MESSAGE] unexpected message (_ssl.c:1122) ssl.SSLError: [SSL: TLSV1_ALERT_INTERNAL_ERROR] tlsv1 alert internal error (_ssl.c:1122) [SSL: NO_PROTOCOLS_AVAILABLE] no protocols available (_ssl.c:1122) ... and so on ... This CI failure is preventing any PR from being merged. Do we have a bad test certificate in the tree we need to update? Or did some Ubuntu CI infrastructure just fall over and start rejecting a certificate it used to accept? I believe this started around ~20210302T1500 UTC. -- assignee: christian.heimes components: Build, SSL, Tests messages: 387998 nosy: christian.heimes, gregory.p.smith, lukasz.langa, ned.deily priority: release blocker severity: normal status: open title: github CI blocked by the Ubuntu CI with an SSL error type: behavior versions: Python 3.10, Python 3.7, Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue43382> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue40701] tempfile mixes str and bytes in an inconsistent manner
Gregory P. Smith added the comment: I clarified the documentation in the PR and added a regression test. I chose to explicitly document that tempfile.tempdir may only be str or bytes and cannot be a path-like object. We already document that people really should not set it and instead pass dir= to their APIs. Now the docs make that more clear when it comes to setting it to a bytes object due to the global API return type change consequences. I view this PR as cleaning up a partial misbehavior while preserving an API wart of it ever working in any manner when set to a bytes value. getting rid of tempfile.tempdir entirely or preventing it from being a bytes value at all would be much more of a breaking change, even though desirable. Not a bugfix. Now with the PR as is, we at least document that people should avoid doing that and make it clear what consistent behavior happens when they do it anyways. With a test. -- ___ Python tracker <https://bugs.python.org/issue40701> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator
Gregory P. Smith added the comment: An example code snippet to detect if the API supports the new parameter at runtime for code that wants to use to use something other than the default '&'. ``` if 'separator' in inspect.signature(urllib.parse.parse_qs).parameters: ... parse_qs(..., separator=';') else: ... parse_qs(...) ``` calling it with the arg and catching TypeError if that fails would also work, but might not be preferred as catching things like TypeError is non-specific and could hide other problems, making it a code maintenance headache. -- ___ Python tracker <https://bugs.python.org/issue42967> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator
Gregory P. Smith added the comment: FYI - This was somewhat of an unfortuate API change. I'm coming across code that relies on ; also being treated as a separator by parse_qs(). That code is now broken with no easy way around it. And I'm only seeing things lucky enough to have an explicit test that happens to rely in some way on that behavior. How much code doesn't? It's been a mix of some clearly broken code (ex appearing in the URI being parsed) and code where it is not so immediately obvious if there is a problem or not (up to the code owners to dive in and figure that out...). The workarounds for people implementing "fixes" to previously working as intended rather than "oops that was a html charref" code are annoying. Our new separator= parameter does not allow one to achieve the previous behavior if mixing and matching & And ; was intended to be allowed, as it is a single separator rather than a set of separators. For security fixes, a way for people to explicitly opt-in to now-deemed-undesirable-by-default behavior they got from the API is desirable. We failed to provide that here. Just a heads up with no suggested remediation for now. I'm still unsure how big a problem this will turn out to be or not or if it is identifying actual worthwhile issues in code. It's certainly a headache for a few. -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42967> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43172] Fix test_readline when compiled using --with-readline=edit
Change by Gregory P. Smith : -- resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.org/issue43172> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43172] Fix test_readline when compiled using --with-readline=edit
Gregory P. Smith added the comment: New changeset fd053fdd39fbdf114b4218ea4309666bafa95788 by Gregory P. Smith in branch 'master': bpo-43172: readline now passes its tests when built against libedit (GH-24499) https://github.com/python/cpython/commit/fd053fdd39fbdf114b4218ea4309666bafa95788 -- ___ Python tracker <https://bugs.python.org/issue43172> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43145] Leak of locks from multiprocessing.Process
Change by Gregory P. Smith : -- title: Leak of locks in a subprocess -> Leak of locks from multiprocessing.Process ___ Python tracker <https://bugs.python.org/issue43145> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue31751] Support for C++ 11 and/or C++ 14 in macOS python.org installer
Gregory P. Smith added the comment: seems likely. reopen if this is still relevant to any modern release. -- nosy: +gregory.p.smith resolution: -> out of date stage: -> resolved status: open -> closed title: Support for C++ 11 and/or C++ 14 in python.org installer -> Support for C++ 11 and/or C++ 14 in macOS python.org installer ___ Python tracker <https://bugs.python.org/issue31751> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43181] Python macros don’t shield arguments
Change by Gregory P. Smith : -- nosy: +vstinner ___ Python tracker <https://bugs.python.org/issue43181> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue43181] Python macros don’t shield arguments
Gregory P. Smith added the comment: This bug is valid, that macro and likely others aren't up to best practices. C macros are a PITA to get right. -- keywords: +3.9regression nosy: +gregory.p.smith stage: -> needs patch type: -> compile error versions: +Python 3.10 ___ Python tracker <https://bugs.python.org/issue43181> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com