[issue43776] Popen with shell=True yield mangled repr output

2021-04-28 Thread Gregory P. Smith
Change by Gregory P. Smith : -- keywords: +3.9regression ___ Python tracker <https://bugs.python.org/issue43776> ___ ___ Python-bugs-list mailing list Unsub

[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module

2021-04-28 Thread Gregory P. Smith
Gregory P. Smith added the comment: Thanks, this is great work! Especially when living within the constraints of C and the existing code. -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracke

[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module

2021-04-28 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset f9bedb630e8a0b7d94e1c7e609b20dfaa2b22231 by Ma Lin in branch 'master': bpo-41486: Faster bz2/lzma/zlib via new output buffering (GH-21740) https://github.com/python/cpython/commit/f9bedb630e8a0b7d94e1c7e609b20dfaa2b22231

[issue43946] unpickling a subclass of list fails when it implements its own extend method

2021-04-27 Thread Gregory P. Smith
Gregory P. Smith added the comment: Thanks, that makes sense. And it at least less ugly than the __new__ hack I was thinking of as a workaround. though similar in spirit. presumably self.append should get the same treatment for completeness given the PEP 307 text. I didn't notice a place

[issue29368] Optimize unpickling list-like objects: use extend() instead of append()

2021-04-26 Thread Gregory P. Smith
Gregory P. Smith added the comment: The PyList_Check -> PyList_CheckExact change led to bugs where subclasses of list that override extend can no longer be unpickled. https://bugs.python.org/issue43946 -- nosy: +gregory.p.smith ___ Python trac

[issue43946] unpickling a subclass of list fails when it implements its own extend method

2021-04-26 Thread Gregory P. Smith
New submission from Gregory P. Smith : The changes from https://bugs.python.org/issue29368 are causing a subclass of list trouble: ``` class FieldList(list): ... def extend(...): ... ``` FieldList has its own extend and append methods that implement additional checks

[issue41639] Unpickling derived class of list does not call __init__()

2021-04-26 Thread Gregory P. Smith
Gregory P. Smith added the comment: this looks resolved? -- nosy: +gregory.p.smith resolution: -> not a bug stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue43883] Making urlparse WHATWG conformant

2021-04-23 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43883> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue30713] Reject newline character (U+000A) in URLs in urllib.parse

2021-04-23 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue30713> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue7247] test_fcntl_64_bit from test_fcntl.py fails in Python 2.6.4

2021-04-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: given how old this is and how i added that test skip presumably when i setup my first arm buildbot... closing. -- assignee: -> gregory.p.smith resolution: -> fixed stage: patch review -> resolved status: open

[issue43686] re.match appears to hang with certain combinations of pattern and string

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: Try something like https://pypi.org/project/pyre2/ or _maybe_ https://pypi.org/project/regex/ (I didn't think that one tried to do a breadth first approach though so maybe not) I'm marking this a duplicate of the age old issue around degenerate patterns

[issue1662581] the re module can perform poorly: O(2**n) versus O(n**2)

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: https://pypi.org/project/pyre2/ seems to be a maintained version of that for use on modern Python interpreters. -- ___ Python tracker <https://bugs.python.org/issue1662

[issue43574] Regression in overallocation for literal list initialization in v3.9+

2021-04-11 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43574> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43787] Optimize BZ2File, GzipFile, and LZMAFile __iter__ method.

2021-04-11 Thread Gregory P. Smith
Change by Gregory P. Smith : -- stage: -> needs patch ___ Python tracker <https://bugs.python.org/issue43787> ___ ___ Python-bugs-list mailing list Unsubscrib

[issue43787] Optimize BZ2File, GzipFile, and LZMAFile __iter__ method.

2021-04-11 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43787> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43785] Remove RLock from BZ2File

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: I see you're already tracking __iter__ in https://bugs.python.org/issue43787, perfect! :) -- ___ Python tracker <https://bugs.python.org/issue43

[issue43785] Remove RLock from BZ2File

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: I'm not worried about compatibility on this for 3.10. Nobody realistically expects to be able to have multiple readers from a single BZ2File stream. They don't for the gzip or lzma equivalents. That isn't even a normal thing to do on an actual file

[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: looking around it appears you've proposed an independent implementation of this for the thir party brotli module? https://github.com/google/brotli/pull/856 that is what i mean about making this reusable

[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module

2021-04-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: I left some review comments on the PR. I like the algorithm being used. I don't really _like_ that this is a .h file acting as a C template to inject effectively the same static code into each module that wants to use it... Which I think

[issue43808] Add .isfloat() method to str

2021-04-11 Thread Gregory P. Smith
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue43776] Popen with shell=True yield mangled repr output

2021-04-10 Thread Gregory P. Smith
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith versions: +Python 3.10 ___ Python tracker <https://bugs.python.org/issu

[issue40701] tempfile mixes str and bytes in an inconsistent manner

2021-04-10 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset e05a703848473b0365886dcc593cbddc46609f29 by Gregory P. Smith in branch 'master': bpo-40701: doc typo historcal -> historical (GH-25334) https://github.com/python/cpython/commit/e05a703848473b0365886dcc593cbddc46609

[issue40701] tempfile mixes str and bytes in an inconsistent manner

2021-04-10 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +24068 pull_request: https://github.com/python/cpython/pull/25334 ___ Python tracker <https://bugs.python.org/issue40

[issue37251] Mocking a MagicMock with a function spec results in an AsyncMock

2021-04-10 Thread Gregory P. Smith
Change by Gregory P. Smith : -- resolution: fixed -> stage: resolved -> needs patch status: closed -> open ___ Python tracker <https://bugs.python.or

[issue43478] Disallow Mock spec arguments from being Mocks

2021-04-09 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset dccdc500f9b5dab0a20407ae0178d393796a8828 by Matthew Suozzo in branch 'master': bpo-43478: Restrict use of Mock objects as specs (GH-25326) https://github.com/python/cpython/commit/dccdc500f9b5dab0a20407ae0178d393796a8828

[issue40701] tempfile mixes str and bytes in an inconsistent manner

2021-04-09 Thread Gregory P. Smith
Gregory P. Smith added the comment: Fixed for 3.10. Marking as a release blocker for 3.9 and assigning for a release manager decision on if they accept this change (the PR) as a bugfix in 3.9 or not. (see the PR) It is late enough in 3.8's lifetime I wouldn't touch that one

[issue43725] Create a release branch ABI stability regression test

2021-04-06 Thread Gregory P. Smith
Gregory P. Smith added the comment: Ideally we'd analyze for a representative set of major platforms we ship binaries on. 32-bit and 64-bit Linux are a start, but we should assume that at least windows and linux toolchains may be different and toss in an additional CPU architecture

[issue43684] Add combined opcodes

2021-04-06 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43684> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue41486] Add _BlocksOutputBuffer for bz2/lzma/zlib module

2021-04-06 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue41486> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue17305] IDNA2008 encoding is missing

2021-04-06 Thread Gregory P. Smith
Gregory P. Smith added the comment: My PR merely adds a note to the docs linking to idna on pypi. Don't get excited, it doesn't implement anything. :P re "Once Python has a working idna2008 encoder, we need to address integration into socket, ssl, http, and asyncio module."

[issue17305] IDNA2008 encoding is missing

2021-04-06 Thread Gregory P. Smith
Change by Gregory P. Smith : -- keywords: +patch nosy: +gregory.p.smith nosy_count: 15.0 -> 16.0 pull_requests: +23948 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/25208 ___ Python tracker

[issue43725] Create a release branch ABI stability regression test

2021-04-04 Thread Gregory P. Smith
Gregory P. Smith added the comment: Indeed. In particular given the 3.9.3 issue I was assuming such a test should include asserting both the sizeof() ABI structs and offsetof() public members of all ABI structs. On each specific first class supported platform. This goes beyond what https

[issue43725] Create a release branch ABI stability regression test

2021-04-03 Thread Gregory P. Smith
New submission from Gregory P. Smith : In order to automate prevention of ABI regressions in stable releases, we could create an automated ABI stability test generator and check the specific ABI test it generates into each specific release branch. I'm envisioning the main branch only having

[issue43710] Access violations in C extension modules on Python 3.9.3

2021-04-03 Thread Gregory P. Smith
Gregory P. Smith added the comment: I really suggest a simple rollback (revert) of the change rather than a redo-fix for 3.9.4. Unless you like the idea of a possible 3.9.5 if the redo-fix itself has issues that haven't been given due thought in the rush to undo the 3.9.3 mistake

[issue42500] crash with unbounded recursion in except statement

2021-04-03 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith nosy_count: 7.0 -> 8.0 pull_requests: +23921 pull_request: https://github.com/python/cpython/pull/25179 ___ Python tracker <https://bugs.python.org/issu

[issue43710] Access violations in C extension modules on Python 3.9.3

2021-04-03 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith nosy_count: 7.0 -> 8.0 pull_requests: +23920 pull_request: https://github.com/python/cpython/pull/25179 ___ Python tracker <https://bugs.python.org/issu

[issue42914] pprint numbers with underscore

2021-03-24 Thread Gregory P. Smith
Gregory P. Smith added the comment: Thanks for the contribution Stéphane! I agree that this would be a nice default. We're just being conservative in the pace of default behavior changes. Changing the default could be considered in the future after a few releases with this parameter have

[issue42914] pprint numbers with underscore

2021-03-24 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 3ba3d513b1e3c63d09cb798b982a9e6c369cea4c by sblondon in branch 'master': bpo-42914: add a pprint underscore_numbers option (GH-24864) https://github.com/python/cpython/commit/3ba3d513b1e3c63d09cb798b982a9e6c369cea4c

[issue17792] Unhelpful UnboundLocalError due to del'ing of exception target

2021-03-21 Thread pmp-p
Change by pmp-p : -- nosy: +pmpp ___ Python tracker <https://bugs.python.org/issue17792> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.pyth

[issue33240] shutil.rmtree fails if inner folder is open in Windows Explorer

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: oh, I missed that a notification happens to the other process(es) in a common case, a bit of retrying with backoff would actually make sense there. But I wouldn't let a retry run for longer than a second or three, as code tends to assume that rmtree

[issue42914] pprint numbers with underscore

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42914> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue32592] Drop support of Windows Vista and Windows 7

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- title: Drop support of Windows Vista and 7 in Python 3.9 -> Drop support of Windows Vista and Windows 7 type: -> enhancement ___ Python tracker <https://bugs.python.org/i

[issue42917] Block stack size for frame objects should be dynamically sizable

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42917> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43080] pprint for dataclass instances

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: +0.5 I lean towards just accepting this under the conditions Eric describes given that dataclass is a stdlib concept and nobody is likely to claim that such output from pprint is a bad thing. The larger "some form of protocol for pprint to work o

[issue43542] Add image/heif(heic) to list of media types in mimetypes.py

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue43542] Add image/heif(heic) to list of media types in mimetypes.py

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 20a5b7e986377bdfd929d7e8c4e3db5847dfdb2d by Ilya Stepin in branch 'master': bpo-43542: Add heif/heic formats in mimetypes (GH-24917) https://github.com/python/cpython/commit/20a5b7e986377bdfd929d7e8c4e3db5847dfdb2d

[issue38890] subprocess.Popen should not emit a ResourceWarning for a detached process

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: On POSIX the norm for anything daemonizing itself is to fork() and let the parent die so that its original process with the child pid has ended. But I'm used to this being the responsibility of the daemon process. Not the code launching the daemon

[issue33240] shutil.rmtree fails if inner folder is open in Windows Explorer

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: Isn't this just "how windows behaves" on some filesystems with little that we can do about it? The only real action item I can see here is that if it is _reasonable_ for us to detect the situation and improve the error message, that'd help

[issue43535] Make str.join auto-convert inputs to strings.

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: There is a lot of doubt. That should clearly raise an exception because this function is intended to only operate on strings. Trivial types examples like that gloss over the actual problem. data_from_some_computations = [b"foo", b"ba

[issue43542] Add image/heif(heic) to list of media types in mimetypes.py

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith versions: +Python 3.10 ___ Python tracker <https://bugs.python.org/issu

[issue37871] Windows: WindowsConsoleIO produces mojibake for strings longer than 32 KiB

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: Steve's approach makes sense and should be robust. side note: do we need to care about Windows 7 anymore in 3.10 given that microsoft no longer supports it? -- nosy: +gregory.p.smith ___ Python tracker <ht

[issue43487] Rename __unicode__ methods to __str__ in 2to3 conversion

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: We're not accepting anything new into lib2to3 anymore as it is deprecated and slated for eventual removal. I recommend putting any fixers you develop up as on PyPI as package(s) for others to use. -- nosy: +gregory.p.smith resolution

[issue29178] Adding bytes.frombuffer(byteslike) constructor

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- stage: -> patch review versions: -Python 3.8, Python 3.9 ___ Python tracker <https://bugs.python.org/issue29178> ___ ___ Py

[issue27602] Enable py launcher to launch repository Python.

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +brett.cannon ___ Python tracker <https://bugs.python.org/issue27602> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue43571] Add option to create MPTCP sockets

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: Thanks for the contribution! Simple constant addition. I ignored the contributor CLA status as a result. There's only one way to write this non-logic plumbing. -- assignee: -> gregory.p.smith resolution: -> fixed stage: patch review -&g

[issue43571] Add option to create MPTCP sockets

2021-03-20 Thread Gregory P. Smith
New submission from Gregory P. Smith : New changeset b05b48dd7ab68bf0046356f2abd6d7fe3b5b3d77 by Rui Cunha in branch 'master': bpo-43571: Add IPPROTO_MPTCP macro (GH-24946) https://github.com/python/cpython/commit/b05b48dd7ab68bf0046356f2abd6d7fe3b5b3d77 -- nosy: +gregory.p.smith

[issue43520] Make Fraction(string) handle non-ascii slashes

2021-03-20 Thread Gregory P. Smith
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue43520] Make Fraction(string) handle non-ascii slashes

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: The proposal I like is for a unicode numeric normalization functions that return the ascii equivalent to exist. These ideally belong in a third party PyPI library anyways, as they're the kind of thing that needs updating every time a new unicode revision

[issue43517] Fix false positives in circular import detection with from-imports

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: Thanks Antoine! -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43517> ___ ___ Python-bugs-list m

[issue43535] Make str.join auto-convert inputs to strings.

2021-03-20 Thread Gregory P. Smith
Gregory P. Smith added the comment: -10. I agree with Serhiy. Automatic type conversion is rarely a feature. It leads to silent bugs when people pass the wrong things. Be explicit. We are intentionally not one of those everything is really a string languages like Perl or Javascript

[issue15533] subprocess.Popen(cwd) documentation: Posix vs Windows

2021-03-16 Thread Gregory P. Smith
Gregory P. Smith added the comment: For our subprocess docs, Eryk's text: """ For POSIX, ``executable`` should be stated as a "relative path without a slash in it" or a "relative path without a directory in it". An unqualified filename is a relative path t

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: 3.7 and 3.6 PRs updated to include a What's New entry. -- assignee: gregory.p.smith -> ned.deily priority: normal -> release blocker versions: -Python 3.10, Python 3.8, Python 3.9 ___ Python tracker

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 9eda0dfff2884bf9272f37d4151ef2335f55066f by Gregory P. Smith in branch '3.8': [3.8] bpo-43285: Whats New entry for 3.8.9. (GH-24889) https://github.com/python/cpython/commit/9eda0dfff2884bf9272f37d4151ef2335f55066f

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset d0312cece9ce89d783687ff6dddaae6495e19fcf by Gregory P. Smith in branch '3.9': [3.9] bpo-43285: Add a What's New entry for 3.9.3. (GH-24888) https://github.com/python/cpython/commit/d0312cece9ce89d783687ff6dddaae6495e19fcf

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +23650 pull_request: https://github.com/python/cpython/pull/24889 ___ Python tracker <https://bugs.python.org/issue43

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +23649 pull_request: https://github.com/python/cpython/pull/24888 ___ Python tracker <https://bugs.python.org/issue43

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +23648 pull_request: https://github.com/python/cpython/pull/24887 ___ Python tracker <https://bugs.python.org/issue43

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +23647 stage: commit review -> patch review pull_request: https://github.com/python/cpython/pull/24886 ___ Python tracker <https://bugs.python.org/issu

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: A What's New entry is a good idea. I'll make one and add it to those backport PRs. (reopened to remind me of that) ftplib docs... I don't actually want to document the attribute that people can set for the old behavior beyond the notes in NEWS or What's

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: 3.7 and 3.6 backport PRs created and assigned to release manager Ned for merging. -- nosy: +ned.deily resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracke

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 664d1d16274b47eea6ec92572e1ebf3939a6fa0c by Gregory P. Smith in branch '3.8': [3.8] bpo-43285 Make ftplib not trust the PASV response. (GH-24838) (GH-24881) https://github.com/python/cpython/commit/664d1d16274b47eea6ec92572e1ebf3939a6fa0c

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- pull_requests: +23639 pull_request: https://github.com/python/cpython/pull/24881 ___ Python tracker <https://bugs.python.org/issue43

[issue43285] ftplib should not use the host from the PASV response

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 0ab152c6b5d95caa2dc1a30fa96e10258b5f188e by Gregory P. Smith in branch 'master': bpo-43285 Make ftplib not trust the PASV response. (GH-24838) https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e

[issue43478] Disallow Mock spec arguments from being Mocks

2021-03-15 Thread Gregory P. Smith
Gregory P. Smith added the comment: Lets go ahead and try making this a breaking change in 3.10. If users report it causes a bunch of problems during the beta -that they don't want to address so soon- (they are all likely bugs in test suites...) we can soften it to a warning for a cycle

[issue43478] Disallow Mock spec arguments from being Mocks

2021-03-15 Thread Gregory P. Smith
Change by Gregory P. Smith : -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43478> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35278] [security] directory traversal in tempfile prefix

2021-03-13 Thread Gregory P. Smith
Change by Gregory P. Smith : -- versions: +Python 3.10, Python 3.6, Python 3.7, Python 3.9 ___ Python tracker <https://bugs.python.org/issue35278> ___ ___ Pytho

[issue41200] Add pickle.loads fuzz test

2021-03-13 Thread Gregory P. Smith
Change by Gregory P. Smith : -- resolution: -> rejected stage: -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: FWIW, I don't think we should even have a server feature in pydoc... -- nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue42

[issue43285] ftplib should not use the host from the PASV response

2021-03-13 Thread Gregory P. Smith
Change by Gregory P. Smith : -- title: ftplib use host from PASV response -> ftplib should not use the host from the PASV response ___ Python tracker <https://bugs.python.org/issu

[issue43285] ftplib use host from PASV response

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: I'm not interested in chasing down a CVE for this myself. If anyone wants to jump through the hoops to obtain one, the text used for curl in the hackerone link is likely a good guide. My PR includes a way for people to opt-out of the secure behavior (why

[issue43285] ftplib use host from PASV response

2021-03-13 Thread Gregory P. Smith
Change by Gregory P. Smith : -- keywords: +patch pull_requests: +23603 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/24838 ___ Python tracker <https://bugs.python.org/issu

[issue43285] ftplib use host from PASV response

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: Indeed, the `host` on that line there should just be ignored with the IP address of the original data connection used in its place. Your https://hackerone.com/reports/1040166 link provides plenty of information and likes to prior art mitigations other ftp

[issue43357] Python memory cleaning

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: CPython itself doesn't have guaranteed way to do this kind of thing. There is no tracking of which types clear memory let alone which API calls may make copies of data in places within their C that are not explicitly cleared afterwards. We do not have

[issue33136] Harden ssl module against CVE-2018-8970

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: yes, this was fixed. -- nosy: +gregory.p.smith resolution: -> fixed stage: patch review -> commit review status: open -> closed ___ Python tracker <https://bugs.python.or

[issue40763] zipfile.extractall is safe by now

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: amaajemyfren is correct (and thanks for the pointers to the original issue and discussion). The warning remains out of caution. -- nosy: +gregory.p.smith resolution: -> not a bug stage: -> resolved status: open -&g

[issue42322] Spectre mitigations in CPython interpreter

2021-03-13 Thread Gregory P. Smith
Gregory P. Smith added the comment: Compiling everything (your entire OS and libraries and CPython itself) with compiler mitigations is recommended. I agree, there is nothing specific we need to do within CPython itself. -- nosy: +gregory.p.smith resolution: -> not a bug st

[issue43086] Excess data in not handled properly in binascii.a2b_base64()

2021-03-13 Thread Gregory P. Smith
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith nosy: +gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43086> ___ ___ Python-

[issue43423] Subprocess IndexError possible in _communicate

2021-03-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: The bug is fixed, Thanks Chris! There was a refactoring noted as being nice in my comments on the primary main branch PR that would be nice to have. But isn't critical. If you want to make a PR for that, just reuse this bpo-43423 issue number on the PR

[issue43423] Subprocess IndexError possible in _communicate

2021-03-11 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset b4fc44bb2d209182390b4f9fdf074a46b0165a2f by Chris Griffith in branch 'master': bpo-43423 Fix IndexError in subprocess _communicate function (GH-24777) https://github.com/python/cpython/commit/b4fc44bb2d209182390b4f9fdf074a46b0165a2f

[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

2021-03-10 Thread Gregory P. Smith
Gregory P. Smith added the comment: Riccardo - FWIW I agree, the wrong part of the stack was blamed and a CVE was wrongly sought for against CPython on this one. It's sewage under the bridge at this point. The API change has shipped in several different stable releases and thus is something

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-08 Thread Gregory P. Smith
Gregory P. Smith added the comment: I only ported this back to 3.9 as it is a bit late in 3.8's release cycle for a pure performance fix of an issue that has been around for ages. Thanks for raising the issue. The main http code already did this, the tunnel proxy code path clearly hadn't

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-07 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset c25910a135c2245accadb324b40dd6453015e056 by Gregory P. Smith in branch 'master': bpo-43332: Buffer proxy connection setup packets before sending. (GH-24780) https://github.com/python/cpython/commit/c25910a135c2245accadb324b40dd6453015e056

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-07 Thread Gregory P. Smith
Change by Gregory P. Smith : -- assignee: -> gregory.p.smith ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Un

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-07 Thread Gregory P. Smith
Change by Gregory P. Smith : -- keywords: +patch pull_requests: +23545 stage: needs patch -> patch review pull_request: https://github.com/python/cpython/pull/24780 ___ Python tracker <https://bugs.python.org/issu

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-05 Thread Gregory P. Smith
Gregory P. Smith added the comment: FYI another common socket idiom for this, specifically added for use in old HTTP 1.x servers building up responses, is setting and clearing the TCP_CORK (Linux) or TCP_NOPUSH (FreeBSD, and maybe macos? [buggy?]) socket option before and after the set

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-05 Thread Gregory P. Smith
Change by Gregory P. Smith : -- stage: -> needs patch ___ Python tracker <https://bugs.python.org/issue43332> ___ ___ Python-bugs-list mailing list Unsubscrib

[issue43332] Make http.client._tunnel send one byte string over the network

2021-03-05 Thread Gregory P. Smith
Gregory P. Smith added the comment: yep, that'd be a worthwhile improvement. note that the send method in that code also accepts BytesIO objects so rather than doing our own sequence of bytes and join we could just buffer in one of those

[issue43410] Parser does not handle correctly some errors when parsin from stdin

2021-03-05 Thread pmp-p
Change by pmp-p : -- nosy: +pmpp ___ Python tracker <https://bugs.python.org/issue43410> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.pyth

[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang

2021-03-04 Thread Gregory P. Smith
Gregory P. Smith added the comment: I expect zero fallout from this given the semantics. SA_ONSTACK really appears to be something that should've been the POSIX default since it was introduced as a feature in ~BSD4.2 in the early 80s. But it never was. It'll be good to have in the beta

[issue43390] Set the SA_ONSTACK in PyOS_setsig to play well with other VMs like Golang

2021-03-04 Thread Gregory P. Smith
Gregory P. Smith added the comment: New changeset 02ac6f41e5569ec28d625bb005155903f64cc9ee by Gregory P. Smith in branch 'master': bpo-43390: Set SA_ONSTACK in PyOS_setsig (GH-24730) https://github.com/python/cpython/commit/02ac6f41e5569ec28d625bb005155903f64cc9ee

<    1   2   3   4   5   6   7   8   9   10   >