[issue42967] [security] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

Adam Goldschmidt added the comment: > That doesn’t feel necessary to me. I suspect most links use &, some use ;, > nothing else is valid at the moment and I don’t expect a new separator to > suddenly appear. IMO the boolean parameter to also recognize ; was better. That

[issue42967] [security] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator

Adam Goldschmidt added the comment: > The difference is that semicolon is defined in a previous specification. I understand, but this will limit us in the future if the spec changes - though I don't have strong feelings regarding this one. > Dear all, now that Adam has signed the

[issue40847] New parser considers empty line following a backslash to be a syntax error, old parser didn't

New submission from Adam Williamson : While debugging issues with the black test suite in Python 3.9, I found one which black upstream says is a Cpython issue, so I'm filing it here. Reproduction is very easy. Just use this four-line tester: print("hello, world") \

[issue40848] compile() can compile a bare starred expression with `PyCF_ONLY_AST` flag with the old parser, but not the new one

New submission from Adam Williamson : Not 100% sure this would be considered a bug, but it seems at least worth filing to check. This is a behaviour difference between the new parser and the old one. It's very easy to reproduce: sh-5.0# PYTHONOLDPARSER=1 python3 Python 3.9.0b1 (default

[issue40848] compile() can compile a bare starred expression with `PyCF_ONLY_AST` flag with the old parser, but not the new one

Adam Williamson added the comment: Realized I forgot to give it, so in case it's important, the context here is the black test suite: https://github.com/psf/black/issues/1441 that test suite has a file full of expressions that it expects to be able to parse this way (it uses `ast.

[issue40911] Unexpected behaviour for += assignment to list inside tuple

New submission from Adam Cmiel : Python version: Python 3.8.3 (default, May 15 2020, 00:00:00) [GCC 10.1.1 20200507 (Red Hat 10.1.1-1)] on linux Description: When assigning to a tuple index using +=, if the element at that index is a list, the list is extended and a TypeError is raised. a

[issue40911] Unexpected behaviour for += assignment to list inside tuple

Adam Cmiel added the comment: Got it, I didn't realize that the last step of augmented assignment is (in this case) assigning the result of __iadd__ back to the tuple. Thanks for the explanations! -- ___ Python tracker <https://bugs.py

[issue40847] New parser considers empty line following a backslash to be a syntax error, old parser didn't

Adam Williamson added the comment: I'm not the best person to ask what I'd "consider" to be a bug or not, to be honest. I'm just a Fedora packaging guy trying to make our packages build with Python 3.9 :) If this is still an important question, I'd suggest as

[issue41008] multiprocessing.Connection.poll raises BrokenPipeError on Windows

New submission from David Adam : On Windows 10 (1909, build 18363.900) in 3.7.7 and 3.9.0b3, poll() on a multiprocessing.Connection object can produce an exception: -- import multiprocessing def run(output_socket): for i in range(10): output_socket.send(i) output_socket.close

[issue41283] The parameter name for imghdr.what in the documentation is wrong

New submission from Adam Eltawla : I noticed the parameter name for imghdr.what in the documentation is wrong Link: https://docs.python.org/3.8/library/imghdr.html?highlight=imghdr function imghdr.what(filename, h=None) In reality: def what(file, h=None): It is 'file' not

[issue42184] pdb exits unexpectedly when calling args

New submission from Adam Merchant : When an objects __repr__ or __str__ methods return None a TypeError is raised. However if this object is passed to a function and `args` is called from within pdb, pdb will immediately exit. Attached to this is bug_example.py which contains a simple

[issue18838] The order of interactive prompt and traceback on Windows

Adam Bartoš added the comment: So far I could reproduce the issue on Python 3.7, Windows Vista 64bit. I'll try with newer versions. The output I got: >>> from subprocess import * >>> Popen("py -i foo.py", stdin=PIPE, stdout=PIPE, stderr=PIPE).communicate() (

[issue18838] The order of interactive prompt and traceback on Windows

Adam Bartoš added the comment: The order is fine on Python 3.8, Windows 10. -- ___ Python tracker <https://bugs.python.org/issue18838> ___ ___ Python-bugs-list m

[issue672115] Assignment to __bases__ of direct object subclasses

Adam Venturella added the comment: I too just found the same issue, dunno if it was settled on as being a bug per se. "class object(object): pass" Also worked for me. I don't feel great about doing that though. So I opted for more verbose name as not to collide with &quo

[issue6884] Impossible to include file in sdist that starts with 'build' on Win32

Adam Groszer added the comment: Hello, On Sun, 26 Feb 2012 03:37:06 + you wrote: > BTW if someone knows about a continuous integration service which provides > Windows and Mac OS X VMs I’m all ears. ZTK (Zope toolkit) ended up with renting a windows (server) VM. http://winbot.zo

[issue14453] profile.Profile.calibrate can produce incorrect numbers in some circumstances

New submission from Adam Tomjack : profile.Profile.calibrate can only produces a bias for the default timer. If you've specified a different timer, it will not be used when calibrating. Additionally, setting profile.Profile.bias will affect the computed bias. It will produce a bias

[issue14432] Bug in generator if the generator in created in a C thread

Adam Tomjack added the comment: For what it's worth, I think I've seen this bug in 2.6 and 2.5, using generators created in python threads, while profiling not tracing. I'm creating generators in one python thread and storing them in a variable. In a different python thread

[issue31456] SimpleCookie fails to parse any cookie if an entry has whitespace in the name

New submission from Adam Davis: ```>>> from http.cookies import SimpleCookie >>> cookie_string = "ASDF=stuff; ASDF space=more stuff" >>> cookie = SimpleCookie() >>> cookie.load(cookie_string) >>> cookie.items() dict_items([]) >>

[issue24755] asyncio.wrap_future undocumented

Changes by Adam Höse : -- pull_requests: +497 ___ Python tracker <http://bugs.python.org/issue24755> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue29786] asyncio.wrap_future() is not documented

Adam Höse added the comment: While fixing this issue I found that it's a duplicate of issue 24755. -- nosy: +adisbladis pull_requests: +498 type: -> enhancement ___ Python tracker <http://bugs.python.org

[issue29846] ImportError: No module named _io

New submission from Adam Stewart: I'm trying to build Python 2.7.13 with clang on macOS 10.12.3 with the Spack package manager, but it fails to build the _io module. The exact error message from the build log can be seen here: https://github.com/LLNL/spack/issues/3478#issuecomment-2875

[issue29846] ImportError: Symbol not found: __PyCodecInfo_GetIncrementalDecoder when building 2.7.x on macOS

Adam Stewart added the comment: > I'm certainly not going to try to deeply analyze a build that inserts *that* > many separate -I and -L options into the compiler calls I believe those were necessary to get the build working. Spack doesn't install anything into /usr/, and wit

[issue29846] ImportError: Symbol not found: __PyCodecInfo_GetIncrementalDecoder when building 2.7.x on macOS

Adam Stewart added the comment: I agree, the `--enable-shared` fix is nice, but I would also love to squash this bug. An interesting piece of information: When I provide the full path to the executable (not just relying on the hashed python location), I see: $ /Users/Adam/spack/opt/spack

[issue29846] ImportError: Symbol not found: __PyCodecInfo_GetIncrementalDecoder when building 2.7.x on macOS

Adam Stewart added the comment: The output of DYLD_PRINT_LIBRARIES is attached as well. -- Added file: http://bugs.python.org/file46744/dyld_print_libraries.txt ___ Python tracker <http://bugs.python.org/issue29

[issue29846] ImportError: Symbol not found: __PyCodecInfo_GetIncrementalDecoder when building 2.7.x on macOS

Adam Stewart added the comment: Made a mistake. Please see the new output of DYLD_PRINT_LIBRARIES. This time I actually ran a Python command to see which libraries were loaded. -- Added file: http://bugs.python.org/file46745/dyld_print_libraries.txt

[issue29846] ImportError: Symbol not found: __PyCodecInfo_GetIncrementalDecoder when building 2.7.x on macOS

Adam Stewart added the comment: I also tried building with a Homebrew-installed GCC 6.2.0 but that had the same result. -- ___ Python tracker <http://bugs.python.org/issue29

[issue29883] asyncio: Windows Proactor Event Loop UDP Support

New submission from Adam Meily: I am working on a Python 3.5 project that uses asyncio on a Windows system to poll both UDP and TCP connections. Multiple sources online say that the Windows Proactor event loop, which uses I/O Completion Ports, is considerably faster and more efficient than

[issue29883] asyncio: Windows Proactor Event Loop UDP Support

Changes by Adam Meily : -- pull_requests: +1213 ___ Python tracker <http://bugs.python.org/issue29883> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue30062] datetime in Python 3.6+ no longer respects 'TZ' environment variable

New submission from Adam Williamson: I can't figure out yet why this is, but it's very easy to demonstrate: [adamw@adam anaconda (time-log %)]$ python35 Python 3.5.2 (default, Feb 11 2017, 18:09:24) [GCC 7.0.1 20170209 (Red Hat 7.0.1-0.7)] on linux Type "help", "

[issue30062] datetime in Python 3.6+ no longer respects 'TZ' environment variable

Adam Williamson added the comment: Hmm, after a bit more poking I found this: https://docs.python.org/3/library/time.html#time.tzset "Note Although in many cases, changing the TZ environment variable may affect the output of functions like localtime() without calling tzset(), this beh

[issue1583] Patch for signal.set_wakeup_fd

Adam Olsen added the comment: The fd field may be written from the main thread simultaneous with the signal handler activating and reading it out. Back in 2007 the only POSIX-compliant type allowed for that was sig_atomic_t, anything else was undefined. Looks like pycore_atomic.h should

[issue1583] Patch for signal.set_wakeup_fd

Adam Olsen added the comment: Disagree; if you're writing signal-handling code you should be very careful to do it properly, even if that's only proper for your current platform. If you can't do it properly you should find an alternative that doesn't involve sig

[issue1583] Patch for signal.set_wakeup_fd

Adam Olsen added the comment: Converting to/from sig_atomic_t could have a compile time check on currently supported platforms and isn't buggy for them. For platforms with a different size you could do a runtime check, only allowing a fd in the range of 0-254 (with 255 reserved);

[issue1583] Patch for signal.set_wakeup_fd

Adam Olsen added the comment: signal-safe is different from thread-safe (despite conceptual similarities), but regardless it's been a long time since I last delved into this so I'm quite rusty. I could be doing it all wrong. --

[issue1583] Patch for signal.set_wakeup_fd

Adam Olsen added the comment: signalmodule.c has a hack to limit it to the main thread. Otherwise there's all sorts of platform-specific behaviour. -- ___ Python tracker <https://bugs.python.org/i

[issue32988] datetime.datetime.strftime('%s') always uses local timezone, even with aware datetimes

New submission from Adam Williamson : Test script: import pytz import datetime utc = pytz.timezone('UTC') print(datetime.datetime(2017, 1, 1, tzinfo=utc).strftime('%s')) Try running it with various system timezones: [adamw@xps13k pagure (more-timezone-fun %)]$ TZ='

[issue32988] datetime.datetime.strftime('%s') always uses local timezone, even with aware datetimes

Adam Williamson added the comment: Paul: right. This is on Linux - specifically Fedora Linux, but I don't think it matters. glibc strftime and strptime depend on an underlying struct called 'tm'. 'man strftime' says: %s The number of seconds since the E

[issue32988] datetime.datetime.strftime('%s') always uses local timezone, even with aware datetimes

Adam Williamson added the comment: I'd suggest that if that is the case, it would be better for the docs to *specifically mention* that `%s` is not supported and should not be used, rather than simply not mentioning it. When it's used in real code (note someone in the SO issue m

[issue12750] add cross-platform support for %s strftime-format code

Adam Williamson added the comment: On the "attractive nuisance" angle: I just ran right into this problem, and reported https://bugs.python.org/issue32988 . As I suggested there, if Python doesn't try to fix this, I'd suggest it should at least *explicitly docume

[issue32988] datetime.datetime.strftime('%s') always uses local timezone, even with aware datetimes

Adam Williamson added the comment: Yeah, I've added a comment there. I agree we can keep subsequent discussion in that issue. Closing this as a dupe. I actually have the same thought as you, but I suspect making something that "worked" before start throwing an error might be

[issue33291] Cannot Install Stegano Package - Python 3.6.5 Base

New submission from Adam Klinger : There seems to be an issue in the default setup.py which comes with the Python 3.6.5 installer. Upon trying to install an additional package through pip the below is observed: C:\Users\adamj\Desktop>pip install stegano Collecting stegano Downloading ht

[issue33291] issue in the default setup.py which comes with the Python 3.6.5 installer

Change by Adam Klinger : -- title: Cannot Install Stegano Package - Python 3.6.5 Base -> issue in the default setup.py which comes with the Python 3.6.5 installer ___ Python tracker <https://bugs.python.org/issu

[issue33420] __origin__ invariant broken

New submission from Adam Paszke : Hi everyone, I have a module that needs to inspect type annotations on a few functions. One of the types I need to special case on is typing.Tuple, and I used code like this to detect it: if getattr(annotation, '__origin__', None) == ty

[issue33420] __origin__ invariant broken

Adam Paszke added the comment: Of course, I'm not expecting this to be 100% reliable, and so I'm ok with the answer that the comment is now outdated. I'd like to avoid adding extra dependencies for so simple things, so I guess I'll just special case that in my code for no

[issue33440] Possible lazy import opportunities in `pathlib`

Change by Adam Forsyth : -- keywords: +patch pull_requests: +6505 stage: -> patch review ___ Python tracker <https://bugs.python.org/issue33440> ___ ___ Py

[issue31456] SimpleCookie fails to parse any cookie if an entry has whitespace in the name

Adam Davis added the comment: Quietly throw out the one bad value, sure. You lose all cookies in your cookie string in this scenario. I'd expect "ASDF=stuff; ASDF space=more stuff" to at least kick out the values that are legal. -- ___

[issue31739] socket.close recommended but not demonstrated in same-page example code

Adam Mitchell added the comment: I submitted a pull request, #4181, to fix this issue. I am now waiting for my contributor agreement to be approved. -- nosy: +AdamMitchell ___ Python tracker <https://bugs.python.org/issue31

[issue31959] Directory at `TemporaryDirectory().name` does not exist

New submission from Adam Dangoor : Sample code: ``` import os from tempfile import TemporaryDirectory name = TemporaryDirectory().name print(os.path.exists(name)) # prints False td = TemporaryDirectory() name_2 = td.name print(os.path.exists(name_2)) # prints True ``` Expected behavior

[issue31959] Directory at `TemporaryDirectory().name` does not exist

Adam Dangoor added the comment: > The unexpected behavior occurs on CPython 3.5.3 and CPython 3.6.X but not on > pypy. This suggests that it is something to do with garbage collection. Upon further thought, maybe this is by design, but I still was sur

[issue31959] Directory at `TemporaryDirectory().name` does not exist

Adam Dangoor added the comment: Thank you for clearing this up for me. -- ___ Python tracker <https://bugs.python.org/issue31959> ___ ___ Python-bugs-list mailin

[issue29883] asyncio: Windows Proactor Event Loop UDP Support

Adam Meily added the comment: I've rebased onto upstream master and I fixed the CI build. -- ___ Python tracker <https://bugs.python.org/issue29883> ___ ___

[issue27165] Skip callables when displaying exception fields in cgitb

Change by Adam Bielański : -- pull_requests: +9085 ___ Python tracker <https://bugs.python.org/issue27165> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35192] pathlib mkdir throws FileExistsError when not supposed to

New submission from Adam Dunlap : I have 2 processes (one C, one python) that are started at the same time and both need a certain directory tree to exist to continue, so both processes create the directory tree while ignoring errors about it already existing. In the python process, I&#

[issue35192] pathlib mkdir throws FileExistsError when not supposed to

Adam Dunlap added the comment: Thank your for your response. I'm running python 3.5.2. The linked issue is indeed a duplicate of this one. To reproduce, you can run two instances of the attached script at the same time, i.e. python3 pymkdir.py & python3 pymkdir.py. It is a race con

[issue18105] ElementTree writes invalid files when UTF-16 encoding is specified

New submission from Adam Urban: import xml.etree.ElementTree as ET tree = ET.parse("myinput.xml") tree.write("myoutput.xml", encoding="utf-16") ...Output is a garbled mess, often a mix of UTF-8 and UTF-16 bytes... UTF-8 output works fine, but when UTF-16, UTF-1

[issue18347] ElementTree corrupts cAse of closing tags when html method is specified

New submission from Adam Urban: import xml.etree.ElementTree as ET tree = ET.parse("myinput.xml") tree.write("myoutput.xml", encoding="utf-16le", xml_declaration=False, default_namespace=None, method="html") If the source XML has a tag like this: someDa

[issue12681] unittest expectedFailure could take a message argument like skip does

Adam Collard added the comment: I've got a patch for this, but I'm a bit worried about the impact on the documented API. I've tried to do the best I could to minimize it through use of keyword-arguments but I'm a bit unsure about the change (and the docs too!) I hope this

[issue9495] argparse unittest tracebacks are confusing if an error is raised when not expected

Adam Collard added the comment: Use raise from None to avoid additional exception context -- Added file: http://bugs.python.org/file30800/argparse-raise-from-None ___ Python tracker <http://bugs.python.org/issue9

[issue12645] test.support. import_fresh_module - incorrect doc

Adam Collard added the comment: The typo is no longer present, but the docs were still wrong. -- nosy: +adam-collard Added file: http://bugs.python.org/file30803/issue-12645-test-docs ___ Python tracker <http://bugs.python.org/issue12

[issue17349] wsgiref.simple_server.demo_app is not PEP-3333 compatible

Changes by Adam Collard : -- nosy: +adam-collard ___ Python tracker <http://bugs.python.org/issue17349> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue17349] wsgiref.simple_server.demo_app is not PEP-3333 compatible

Adam Collard added the comment: Since this bug depends on a __future__ import I was advised to put the test in a separate file. -- Added file: http://bugs.python.org/file30815/issue-17349-wsgiref ___ Python tracker <http://bugs.python.

[issue15370] test_runpy should include namespace package tests

Changes by Adam Collard : -- nosy: +adam-collard ___ Python tracker <http://bugs.python.org/issue15370> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue18387] Add 'symbols' link to html menu bar.

New submission from Ron Adam: This patch adds a 'symbols' link after the 'topics' and 'keywords' links in the html browser menu bar. help('symbols') worked, but there was no way to get to it in the html browser. This also adds unquote_plus() to the ur

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Changes by Ron Adam : -- title: Add 'symbols' link to html menu bar. -> Add 'symbols' link to pydoc's html menu bar. ___ Python tracker <ht

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Changes by Ron Adam : Removed file: http://bugs.python.org/file30831/pdoc_symbols.diff ___ Python tracker <http://bugs.python.org/issue18387> ___ ___ Python-bugs-list m

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Ron Adam added the comment: New slightly improved patch. Combined the topic index's, topics, keywords, and the new symbols case, into a single html_topicsindex(title) function. -- Added file: http://bugs.python.org/file30843/pdoc_symbols

[issue18436] Add mapping of symbol to function to operator module

Ron Adam added the comment: Regarding opertor.get_op: Look at help("symbols") output for consistancy. There may be items in one that can be included in the other. The operator.get_op addition would be useful for improving help on the symbol information for help/pydoc. Currentl

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Ron Adam added the comment: Thanks for catching that. I had used unquote_plus instead of unquote. That is needed for multi-field form data, pydoc doens't need it. Removed the back tick from the pydoc symbols list. The topic link for that symbol was already removed. I also attempt

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Ron Adam added the comment: Updated the patch. -- ___ Python tracker <http://bugs.python.org/issue18387> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Changes by Ron Adam : Removed file: http://bugs.python.org/file30843/pdoc_symbols.diff ___ Python tracker <http://bugs.python.org/issue18387> ___ ___ Python-bugs-list m

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Changes by Ron Adam : Removed file: http://bugs.python.org/file30922/pdoc_symbols.diff ___ Python tracker <http://bugs.python.org/issue18387> ___ ___ Python-bugs-list m

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Ron Adam added the comment: Patch update: "<>" removed from pydoc symbols table. -- Added file: http://bugs.python.org/file30931/pdoc_symbols.diff ___ Python tracker <http://bugs.py

[issue18387] Add 'symbols' link to pydoc's html menu bar.

Ron Adam added the comment: I agree the specific content for each symbol are separate issues. Those are probably best addressed individually or a few at a time when they are closely related. -- ___ Python tracker <http://bugs.python.

[issue18740] str is number methods don't recognize '.'

New submission from Ron Adam: Shouldn't at least isdecimal return True? >>> '123.0'.isdecimal() False >>> '123.0'.isalnum() False >>> '123.0'.isnumeric() False >>> '123.0'.isdigit() False -- components: I

[issue18740] str is number methods don't recognize '.'

Ron Adam added the comment: I get the same resluts if I make the string by str(123.0). I was thinking it should test True for the isdecimal case for that. It seems I missunderstood their purpose/use. This seems like it would be a very common misunderstanding. It appears, (Because it isn&#

[issue15785] curses.get_wch() returns keypad codes incorrectly

New submission from Adam Simpkins: The curses.get_wch() function does not check if wget_wch() returned OK or KEY_CODE_YES. In either case, it simply returns the character code. This makes get_wch() unusable when keypad is enabled, because the caller cannot distinguish function key or arrow

[issue15785] curses.get_wch() returns keypad codes incorrectly

Adam Simpkins added the comment: > + Get a wide character as (is_key_code, key). *is_key_code* is True for > + function keys, keypad keys and so, in this case, *key* is a multibyte > string > + containing the key name. Otherwise, *key* is a single character > + correspon

[issue16063] HMAC trans_5C is a string, causing a TypeError

New submission from Adam Glenn: When passing 2 unicode objects to hmac.new() I'm getting "TypeError: character mapping must return integer, None or unicode" I've tried this using hashlib.sha1 and hashlib.md5 and the behavior is the same. What I think is happening is that

[issue16063] HMAC trans_5C is a string, causing a TypeError

Adam Glenn added the comment: I did some more testing and verified that this is a problem caused by the fact that trans_5C is a string and not unicode. It also happens when trans_36 is sent to key.translate(). Python 2.7.3 (default, Aug 1 2012, 05:14:39) [GCC 4.6.3] on linux2 Type "

[issue20916] ssl.enum_certificates() will not return all certificates trusted by Windows

New submission from Adam Goodman: Starting with Vista, Microsoft began shipping only a very minimal set of root CA certificates with Windows. Microsoft does trust many other authorities, but for these, Windows relies on the "Update Root Certificates" feature: http://technet.micros

[issue20916] ssl.enum_certificates() will not return all certificates trusted by Windows

Changes by Adam Goodman : Added file: http://bugs.python.org/file34405/win_ca_test.py ___ Python tracker <http://bugs.python.org/issue20916> ___ ___ Python-bugs-list m

[issue20916] ssl.enum_certificates() will not return all certificates trusted by Windows

Adam Goodman added the comment: I just tried installing the root certificate update from KB931125 on a clean VM. Now I have 369 trusted root CAs, according to certmgr.msc. (I imagine it would be unreasonable to expect all windows python users to do this, though...) The https request to

[issue20916] ssl.enum_certificates() will not return all certificates trusted by Windows

Adam Goodman added the comment: What Martin said is correct, IMO. The actual problem I'd like to correct is: If I - for example - create an HTTPSConnection with cert validation enabled, and set to use the default OS trust mechanism, then the validation process should trigger Windows

[issue21186] RawConfigParser __name__ option handling inconsistent

New submission from Adam Groszer: In RawConfigParser the "__name__" option handling is inconsistent: RawConfigParser.options() and items() works hard to hide it, but has_options() does not -- components: Library (Lib) messages: 215809 nosy: Adam.Groszer priority: norma

[issue21186] RawConfigParser __name__ option handling inconsistent

Adam Groszer added the comment: e.g. myconfig.has_options(, "__name__") is always True, whereas myconfig.options() never has a "__name__" entry -- ___ Python tracker <http://bug

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Gentlemen, Is there's any way this fix can be included in any version? Currently, the fact that the exception is thrown makes extracting some zip files impossible with this library, and rolling your own is a bit painful. (either using a wrapper around 7z

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: For the version headers, I've added the versions featuring the broken behavior. That's all. I'm not saying that this is I'm extracting malware from the Central Quarantine files, and the vendor's implementation is broken and is cau

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Also, this behavior is present on all platforms and all versions of Python (zipfile Library), so maybe the headers should be adjusted there too. I'm not saying that this is necessarily a big freaking hole, but by using this, one can prevent files from

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: If I got a file scanner in my mail gateway implemented with this, one can easily avoid getting the contents of zip-files scanned. Is that enough of a security impact? -- ___ Python tracker <http://bugs.python.

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: I've also tested with WinZip, and Windows Explorer, on windows. Both extract the contents of test.zip without a warning (just like 7zip on Windows did). This behavior counts as Denial Of Service if the zipfile Library is used to extract files, besides lo

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Terry, I apologize about the second change of headers, somehow I must have used the submission form to post the comment from a tab that had the old content, and the headers didn't refresh there. I assure you that it was not my intention to change them

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: In any event, I think that zipfile_stupid3.patch would be the best trivial fix to this issue. -- ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Patch against 2.7.6 attached. -- Added file: http://bugs.python.org/file35101/zipfile_276_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Patch against zipfile 3.4.0 attached. -- Added file: http://bugs.python.org/file35102/zipfile_340_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Changes by Adam Polkosnik : Removed file: http://bugs.python.org/file35102/zipfile_340_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Changes by Adam Polkosnik : Removed file: http://bugs.python.org/file35101/zipfile_276_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: update -- Added file: http://bugs.python.org/file35103/zipfile_340_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Adam Polkosnik added the comment: Once again patch against 2.7.6 -- Added file: http://bugs.python.org/file35104/zipfile_276_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

[issue6839] zipfile can't extract file

Changes by Adam Polkosnik : Removed file: http://bugs.python.org/file33666/zipfile_stupid3.patch ___ Python tracker <http://bugs.python.org/issue6839> ___ ___ Python-bug

[issue6839] zipfile can't extract file

Changes by Adam Polkosnik : Removed file: http://bugs.python.org/file35104/zipfile_276_filename_mismatch.patch ___ Python tracker <http://bugs.python.org/issue6

<    1   2   3   4   5   6   7   >