[issue2504] Add gettext.pgettext() and variants support

Hanno Zulla added the comment: Can we please get pgettext for Python? -- nosy: +Hanno.Zulla ___ Python tracker <http://bugs.python.org/issue2504> ___ ___ Pytho

[issue14036] urlparse insufficient port property validation

zulla added the comment: we should at least check if the .port attribute is an intereger >= 1 and <= 65535. _because_ this is the only valid port range. otherwise, it is no valid port. but it may be a integer overflow attack attempt when a developer uses .port, he is counting on the

[issue14036] urlparse insufficient port property validation

zulla added the comment: Your comment is completely senseless, sorry. Of course such high port numbers do not exist. An attacker is counting on that. Imagine something like that pass_to_cython(urlparse("http://google.de:99**99[to be calculated]&q

[issue14036] urlparse insufficient port property validation

zulla added the comment: >>> u("http://www.google.com:99";).port 99L -- ___ Python tracker <http://bugs

[issue14036] urlparse insufficient port property validation

zulla added the comment: I understand your point of view, but I disagree. Various libraries and projects rely on urlparse.urlparse and urllib.parse.urlparse. This bug just blew up in my face. I'm working with Cython and PyQt4. When a developer relies on ParseResult().netloc being a

[issue14036] urlparse insufficient port property validation

Changes by zulla : Removed file: http://bugs.python.org/file24535/urlparse.py ___ Python tracker <http://bugs.python.org/issue14036> ___ ___ Python-bugs-list mailin

[issue14036] urlparse insufficient port property validation

zulla added the comment: Whops. I forgot an int() :-) Here's the right patch. -- Added file: http://bugs.python.org/file24540/testurllib.py ___ Python tracker <http://bugs.python.org/is

[issue14036] urlparse insufficient port property validation

zulla added the comment: Hi. No, it's a patched version. It won't crash under circumstances like that [1] and won't succeed with invalid input: >>> import urlparse >>> urlparse.urlparse("http://www.google.com:foo";) ParseResult(scheme='htt

[issue14036] urlparse insufficient port property validation

zulla added the comment: The "port" and "netloc" component of a ParsedResult-object is not properly sanitized or validated. This may lead to bypass-able hostname-based filters. Remote Crash vulnerabilities be be also possible. -- __

[issue14036] urlparse insufficient port property validation

New submission from zulla : The "port" component of a URL is not properly be sanitized or validated. This may lead to the evasion of netloc/hostname based filters or exceptions. -- components: Library (Lib) files: testurllib.py messages: 153512 nosy: zulla priority: norma