[issue13814] Document why generators don't support the context management protocol

Nick Coghlan added the comment: Generators deliberately don't support the context management protocol. This is so that they raise an explicit TypeError or AttributeError (pointing out that __exit__ is missing) if you leave out the @contextmanager decorator when you're using a generator to wri

[issue8052] subprocess close_fds behavior should only close open fds

Gregory P. Smith added the comment: For FreeBSD, Python 3.2 and 3.3 now check to see if /dev/fd is valid. Be sure and "mount -t fdescfs none /dev/fd" on FreeBSD if you want faster subprocess launching. Run a FreeBSD buildbot? Please do it! For Python 3.1 the fix for #13788 would fix this,

[issue8052] subprocess close_fds behavior should only close open fds

Roundup Robot added the comment: New changeset 754c2eb0a92c by Gregory P. Smith in branch '3.2': Fix FreeBSD, NetBSD and OpenBSD behavior of the issue #8052 fix. http://hg.python.org/cpython/rev/754c2eb0a92c New changeset 7d4658a8de96 by Gregory P. Smith in branch 'default': Fix FreeBSD, NetBSD

[issue11551] test_dummy_thread.py test coverage improvement

Denver Coneybeare added the comment: I've looked at the review (thanks for the review) and can submit an updated patch. I don't have the Python source code pulled down to my PC anymore so it might take a week or two before I'm able to update the patch and test it out. I imagine that's not t

[issue13783] Clean up PEP 380 C API additions

Meador Inge added the comment: 'PyStopIteration_Create' is just a trivial wrapper: PyObject * PyStopIteration_Create(PyObject *value) { return PyObject_CallFunctionObjArgs(PyExc_StopIteration, value, NULL); } It is not needed. As for 'PyGen_FetchStopIterationValue', does it really need to

[issue13703] Hash collision security issue

Paul McMillan added the comment: On Sat, Jan 21, 2012 at 3:47 PM, Alex Gaynor wrote: > I'm able to put N pieces of data into the database on successive requests, > but then *rendering* that data puts it in a dictionary, which renders that > page unviewable by anyone. This and the problems Fran

[issue13790] In str.format an incorrect error message for list, tuple, dict, set

Terry J. Reedy added the comment: Looking further, I noticed that 'string' needed to be changed to 'specification' in the following sentence also. Then I decided that the preceding sentence "Most built-in types implement the following options for format specifications, although some of the

[issue13703] Hash collision security issue

Dave Malcolm added the comment: 5 more characters: PYTHONHASHTABLEPROTECTION or PYHASHTABLEPROTECTION maybe? I'm in *both* camps: I like hash seed randomization fwiw. I'm nervous about enabling either of the approaches by default, but I can see myself backporting both approaches into RHEL's an

[issue13609] Add "os.get_terminal_size()" function

Denilson Figueiredo de Sá added the comment: On Sat, Jan 21, 2012 at 17:40, Giampaolo Rodola' wrote: > > Given the different opinions about the API, I think it's best to expose the > lowest > level functionality as-is, and let the user decide what to do (read env vars > first, > suppress the

[issue13703] Hash collision security issue

Alex Gaynor added the comment: On Sat, Jan 21, 2012 at 5:42 PM, Gregory P. Smith wrote: > > Gregory P. Smith added the comment: > > On Sat, Jan 21, 2012 at 2:45 PM, Antoine Pitrou > wrote: > > > > Antoine Pitrou added the comment: > > > >> You said above that it should be hardcoded; if so, h

[issue13703] Hash collision security issue

Gregory P. Smith added the comment: On Sat, Jan 21, 2012 at 2:45 PM, Antoine Pitrou wrote: > > Antoine Pitrou added the comment: > >> You said above that it should be hardcoded; if so, how can it be changed >> at run-time from an environment variable?  Or am I misunderstanding. > > You're righ

[issue8052] subprocess close_fds behavior should only close open fds

Roundup Robot added the comment: New changeset d0acd8169c2a by Gregory P. Smith in branch '3.2': Bugfix for issue #8052 fix on *BSD variants. http://hg.python.org/cpython/rev/d0acd8169c2a New changeset 5be3dadd2eef by Gregory P. Smith in branch '3.2': Another issue #8052 bugfix (related to prev

[issue13405] Add DTrace probes

Antoine Pitrou added the comment: > So, yes. The code is intrusive. The code deals with a lot of internal > machinery (PEP393 support in the ustack helper was quite difficult). > It is going to break from time to time, sure. At the same time, I am > committed to support it. And even if it is dro

[issue8052] subprocess close_fds behavior should only close open fds

Roundup Robot added the comment: New changeset 780992c9afea by Gregory P. Smith in branch '3.2': Add a Misc/NEWS entry for issue 8052. http://hg.python.org/cpython/rev/780992c9afea New changeset 1f0a01dc723c by Gregory P. Smith in branch 'default': A Misc/NEWS entry for issue 8052. http://hg.py

[issue13609] Add "os.get_terminal_size()" function

Antoine Pitrou added the comment: > +1. I also find weird that a function, especially one living in the os > module, has such a high level of abstraction (basically this is why I > was originally proposing shutil module for this to go in). > > Given the different opinions about the API, I think

[issue13703] Hash collision security issue

Antoine Pitrou added the comment: > You said above that it should be hardcoded; if so, how can it be changed > at run-time from an environment variable? Or am I misunderstanding. You're right, I used the wrong word. I meant it should be a constant independently of the dict size. But, indeed, n

[issue13703] Hash collision security issue

Dave Malcolm added the comment: On Sat, 2012-01-21 at 22:20 +, Antoine Pitrou wrote: > Sounds a bit overkill, and it shouldn't be a public API (which > __methods__ are). Even a private API on dicts would quickly become > visible, since dicts are so pervasive. Fair enough. > > > > Caveats:

[issue8052] subprocess close_fds behavior should only close open fds

Roundup Robot added the comment: New changeset 61aa484a3e54 by Gregory P. Smith in branch '3.2': Fixes issue #8052: The posix subprocess module's close_fds behavior was http://hg.python.org/cpython/rev/61aa484a3e54 New changeset 8879874d66a2 by Gregory P. Smith in branch 'default': Fixes issue

[issue13703] Hash collision security issue

Antoine Pitrou added the comment: > I wonder if the dict statistics should be exposed with extra attributes > or a method on the dict; e.g. a __stats__ attribute, something like > this: > > LargeDictStats(keys=58, mask=127, insertions=53, iterations=1697) > > SmallDictStats(keys=3, mask=7) So

[issue13703] Hash collision security issue

Dave Malcolm added the comment: Well, the old attempt was hardly robust :) Can anyone see any vulnerabilities in this approach? Yeah; I was mostly trying to add raw data (to help me debug the implementation). I wonder if the dict statistics should be exposed with extra attributes or a method

[issue13816] Two typos in the docs

Stefan Krah added the comment: > ... with *n*th (italic n) as alternate form Knuth uses that in TAOCP, too. I think with or without italics it's the most frequently used form overall. Also the Lisp function is called nth and not n-th, even though in Lisp it is possible to use hyphens in functi

[issue13609] Add "os.get_terminal_size()" function

Giampaolo Rodola' added the comment: > read environment varaiables [...] and raise an error if the size cannot be > read (so no need of default values). The os module is written as a thin > wrapper between Python and the OS. A more high level function (read > environment variables, handle the e

[issue12922] StringIO and seek()

Changes by Antoine Pitrou : -- resolution: -> fixed stage: needs patch -> committed/rejected status: open -> closed ___ Python tracker ___ __

[issue12922] StringIO and seek()

Roundup Robot added the comment: New changeset 03e61104f7a2 by Antoine Pitrou in branch '3.2': Issue #12922: fix the TextIOBase documentation to include a description of seek() and tell() methods. http://hg.python.org/cpython/rev/03e61104f7a2 New changeset f7e5abfb31ea by Antoine Pitrou in bra

[issue13609] Add "os.get_terminal_size()" function

Antoine Pitrou added the comment: > > Does this need need more discussion, code review, testing, > > or just more time? > > As I already wrote, I would prefer a very simple > os.get_terminal_size() function: don't read environment varaiables, > use a simple tuple instead of a new type, and rais

[issue13703] Hash collision security issue

Antoine Pitrou added the comment: > In this patch, rather than reset the count each time, I keep track of > the total number of calls to insertdict() that have happened for each > "large dict" (i.e. for which ma_table != ma_smalltable), and the total > number of probe iterations that have been n

[issue13790] In str.format an incorrect error message for list, tuple, dict, set

Eric V. Smith added the comment: The error message will be: "non-empty format string passed to object.__format__". I agree with your comment about Terry's patch. -- ___ Python tracker ___

[issue13703] Hash collision security issue

Dave Malcolm added the comment: (or combination of fixes, of course) -- ___ Python tracker ___ ___ Python-bugs-list mailing list Unsu

[issue13829] exception error

Brett Cannon added the comment: Then I'm going to assume the bug lies with Moviegrabber doing something wrong and it isn't Python's direct fault. -- resolution: -> invalid status: open -> closed ___ Python tracker

[issue13703] Hash collision security issue

Dave Malcolm added the comment: On Sat, 2012-01-21 at 14:27 +, Antoine Pitrou wrote: > Antoine Pitrou added the comment: > > > Thoughts? (apart from "ugh! it's ugly!" yes I know - it's late here) > > Is it guaranteed that no usage pattern can render this protection > inefficient? What if

[issue13703] Hash collision security issue

Zbyszek Szmek added the comment: The hashing with random seed is only marginally slower or more complicated than current version. The patch is big because it moves random number generator initialization code around. There's no "per object" tax, and the cost of the random number generator ini

[issue13706] non-ascii fill characters no longer work in formatting

STINNER Victor added the comment: I fixed the original report, but there is still an issue with non-ASCII thousands separator. -- ___ Python tracker ___ ___

[issue13706] non-ascii fill characters no longer work in formatting

Roundup Robot added the comment: New changeset 231c6042c40c by Victor Stinner in branch 'default': Issue #13706: Support non-ASCII fill characters http://hg.python.org/cpython/rev/231c6042c40c -- nosy: +python-dev ___ Python tracker

[issue13703] Hash collision security issue

Antoine Pitrou added the comment: > Thoughts? (apart from "ugh! it's ugly!" yes I know - it's late here) Is it guaranteed that no usage pattern can render this protection inefficient? What if a dict is constructed by intermingling lookups and inserts? Similarly, what happens with e.g. the commo

[issue13790] In str.format an incorrect error message for list, tuple, dict, set

R. David Murray added the comment: So the error is going to be something about the source type not supporting '__format__'? That change will also address the OP's concern about truncated reprs when a fixed string length is specified, so I agree that the title issue can be closed. Terry's pa

[issue13609] Add "os.get_terminal_size()" function

STINNER Victor added the comment: > Does this need need more discussion, code review, testing, > or just more time? As I already wrote, I would prefer a very simple os.get_terminal_size() function: don't read environment varaiables, use a simple tuple instead of a new type, and raise an error

[issue13790] In str.format an incorrect error message for list, tuple, dict, set

Eric V. Smith added the comment: While looking at object.__format__, I recall that we've already addressed this, sort of. For a different reason, this is already deprecated in 3.3 and will become an error in 3.4. See issues 9856 and 7994. $ ./python -Wd Python 3.3.0a0 (default:40e1be1e0707, J

[issue6631] Disallow relative files paths in urllib*.open()

Senthil Kumaran added the comment: Actually, I saw this as a bug with urllib.urlopen and urllib2 had exhibited proper behaviour previously. Now, both behaviour will be consistent now. But, you are right that an *incorrect* usage of urllib.urlopen would break in 2.7.2. If we need to be lenient

[issue6631] Disallow relative files paths in urllib*.open()

Amaury Forgeot d'Arc added the comment: Sorry, why was this change backported? Does this fix a specific issue in 2.7 or 3.2? On the contrary, it seems to me that code which (incorrectly) used urllib.urlopen() to allow both urls and local files will suddenly break. -- nosy: +amaury.forg