Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8345
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34471>
___
___
Py
New submission from Alexey Izbyshev :
The return value of PyFloat_FromDouble() at
https://github.com/python/cpython/blob/48ce4897f8f8d91d948ecd1241ffab002df2be9e/Python/bltinmodule.c#L2403
is not checked for NULL and then dereferenced.
Reported by Svace static analyzer.
A similar issue in
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8350
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34474>
___
___
Py
New submission from Alexey Izbyshev :
The return value of PyTuple_GetSlice() at
https://github.com/python/cpython/blob/48ce4897f8f8d91d948ecd1241ffab002df2be9e/Objects/typeobject.c#L2297
is not checked for NULL and then dereferenced.
Reported by Svace static analyzer.
Currently
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8351
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34477>
___
___
Py
New submission from Alexey Izbyshev :
This is a follow-up of #34454. 'datetime' extension module attempts to encode
input strings into UTF-8 in several places, which requires special care because
some valid Python strings can't be represented in UTF-8. It makes sense to add
New submission from Alexey Izbyshev :
The C datetime implementation uses PyUnicode_AsUTF8AndSize() in wrap_strftime()
and rejects strings containing surrogate code points (0xD800 - 0xDFFF) since
they can't be encoded in UTF-8. On the other hand, the pure-Python datetime
implement
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8353
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34482>
___
___
Py
Change by Alexey Izbyshev :
--
pull_requests: +8354
___
Python tracker
<https://bugs.python.org/issue34454>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
pull_requests: +8355
___
Python tracker
<https://bugs.python.org/issue34482>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8357
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34468>
___
___
Py
Alexey Izbyshev added the comment:
Thank you, Brett, I've submitted a PR.
--
___
Python tracker
<https://bugs.python.org/issue34468>
___
___
Python-bugs-l
New submission from Alexey Izbyshev :
The return value of PyMem_RawMalloc() is not checked for NULL at
https://github.com/python/cpython/blob/ef8861c112ed1dac9351958c121bc24ca4ecdb08/Python/coreconfig.c#L71.
Reported by Svace static analyzer.
--
components: Interpreter Core
messages
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8382
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34492>
___
___
Py
New submission from Alexey Izbyshev :
The return value of PyTuple_New() is not checked for NULL at
https://github.com/python/cpython/blob/ef8861c112ed1dac9351958c121bc24ca4ecdb08/Objects/genobject.c#L1130
and then dereferenced.
--
components: Interpreter Core
messages: 324022
nosy
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8383
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34493>
___
___
Py
Change by Alexey Izbyshev :
--
pull_requests: +8395
___
Python tracker
<https://bugs.python.org/issue34492>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
versions: +Python 3.7
___
Python tracker
<https://bugs.python.org/issue34492>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
title: Python/coreconfig.c: Missing NULL check in _Py_wstrlist_copy() ->
Python/coreconfig.c: Fix _Py_wstrlist_copy()
___
Python tracker
<https://bugs.python.org/issu
New submission from Alexey Izbyshev :
In the following snippet from PyType_FromSpecWithBases() in
Objects/typeobject.c, spec->name is dereferenced by strrchr() but then is
checked for NULL:
/* Set the type name and qualname */
s = strrchr(spec->name, '.');
New submission from Alexey Izbyshev :
Docs for sys.exit() contain the following note added in
https://github.com/python/cpython/blame/1871a4a35123b278443b960255cb14314ce196f6/Doc/library/sys.rst#L336
Changed in version 3.7: Added utf8_mode attribute for the new -X utf8 flag.
Does it belong
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8400
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34502>
___
___
Py
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8402
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34501>
___
___
Py
Alexey Izbyshev added the comment:
@enedil It seems that all later check either set a message or simply propagate
the error set by a called function. Did you mean any specific later check?
--
___
Python tracker
<https://bugs.python.org/issue34
New submission from Alexey Izbyshev :
'exc_value' reference is leaked at
https://github.com/python/cpython/blob/5f79b50763d687aeeed8edcb4efcc7ac9f8fa186/Python/errors.c#L113
--
components: Interpreter Core
messages: 324099
nosy: benjamin.peterson, berker.peksag
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8406
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34503>
___
___
Py
New submission from Alexey Izbyshev :
The argument of PySequence_Check() is dereferenced at
https://github.com/python/cpython/blob/5f79b50763d687aeeed8edcb4efcc7ac9f8fa186/Objects/abstract.c#L1511
and then checked for NULL.
Reported by Svace static analyzer.
Since other PySomething_Check
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8407
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34504>
___
___
Py
New submission from Alexey Izbyshev :
If a format string contains code points outside of ASCII range, time.strftime()
can behave in four different ways depending on the platform, the current locale
and the code points:
* raise a UnicodeEncodeError
* return an empty string
* for surrogates in
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8424
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34512>
___
___
Py
Alexey Izbyshev added the comment:
Victor, but sys.flags docs *do* contain the note[1]:
Changed in version 3.7: Added dev_mode attribute for the new -X dev flag and
utf8_mode attribute for the new -X utf8 flag.
I've tried to express that in msg324086, but obviously failed.
[1]
Alexey Izbyshev added the comment:
Yes, I've referenced the relevant message from #6697 in #34454.
The specific test you've referenced should be changed after #34481 is fixed --
it highlights inconsistency between C and Python imple
Alexey Izbyshev added the comment:
@p-ganssle
> I'm finding it very difficult to reconcile these things.
Paul, this issue was only about reconciling C and Python implementations of
datetime module -- not fixing time.strftime(), which both of them delegate to.
While the latter is c
Alexey Izbyshev added the comment:
> if we can't make assertions about the behavior of strftime outputs, I think
> it makes it hard to prevent regressions.
Ironically, some of the changes we may have to make to fix time.strftime()
inconsistencies may appear like regressions to
Alexey Izbyshev added the comment:
Thank you, Gregory!
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Alexey Izbyshev added the comment:
Thank you, Gregory. I didn't intend to add the warning to stable branches --
it's just that 3.7 hasn't been released yet when this report was submitted.
--
___
Python tracker
<https://bugs.pyt
New submission from Alexey Izbyshev :
The return value of PyUnicode_InternFromString() is not checked for NULL and
then dereferenced at three places in
https://github.com/python/cpython/blob/0bd1a2dcfdf36b181385ae61361e7692f4ebb0fd/Modules/_json.c#L1369
Reported by Svace static analyzer
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8656
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34649>
___
___
Py
New submission from Alexey Izbyshev :
sqlite3.Cache allows users to create uninitialized instances because it relies
on __init__() instead of __new__() for initialization, which can be skipped.
Cache.get() crashes if called on an uninitialized instance:
>>> from sqlite3 imp
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8754
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34695>
___
___
Py
Alexey Izbyshev added the comment:
Some additional motivation for removing Cache: it may be used to crash the
interpreter (#31734).
--
nosy: +izbyshev
___
Python tracker
<https://bugs.python.org/issue30
New submission from Alexey Izbyshev :
It is possible to manually create an instance of private CField type which is
used by ctypes to represent fields of Structure and Union types. This instance
will be uninitialized because it's normally initialized when instances of
Structure/Unio
Alexey Izbyshev added the comment:
What are the drawbacks of moving all code from __init__ to __new__, at least in
master branch (3.8)? IMO it's much more robust than playing whack-a-mole both
with ref/memleaks caused by repeated calls to __init__ and absence of
initialization checks i
New submission from Alexey Izbyshev :
The compressor/decompressor classes from bz2 and lzma modules rely on
__init__() for initialization, but it is not guaranteed to be called. Method
calls on an uninitialized object crash:
>>> from bz2 import BZ2Compressor as C
>>&g
Alexey Izbyshev added the comment:
I somehow failed to notice #23224 when I searched the tracker. You're right,
it's the same, and, moreover, PR 7822 fixes problem with both compressors and
decompressors (though it includes tests only for the latter for some reason).
I think
Alexey Izbyshev added the comment:
Reclosing (browser cache problem).
--
resolution: -> duplicate
stage: needs patch -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Alexey Izbyshev added the comment:
bz2 in 2.7 is also affected.
Victor, do we want to fix the crash at all in stable branches? If yes, IMHO
taking the slight risk of __init__ -> __new__ change is preferable to taking
the trouble to implement the alternative backwards-compatible fix (i
Change by Alexey Izbyshev :
--
nosy: +izbyshev
___
Python tracker
<https://bugs.python.org/issue34760>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alexey Izbyshev :
In the following code inspired by a production issue I had to debug recently
subprocess.call() won't return:
import os
import subprocess
import sys
import time
r, w = os.pipe()
p1 = subprocess.Popen([sys.executable, '-c',
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +8924
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue34780>
___
___
Py
Alexey Izbyshev added the comment:
@Tim Is it possible that 'python3' in your command refers to some wrapper which
forwards its arguments to real Python in a wrong way?
--
nosy: +izbyshev
___
Python tracker
<https://bugs.python.o
Alexey Izbyshev added the comment:
Ping!
Thanks to @eryksun for providing feedback here and for the patch review.
--
___
Python tracker
<https://bugs.python.org/issue34
Alexey Izbyshev added the comment:
Thank you for testing and merging, Victor!
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Alexey Izbyshev added the comment:
Python 2.7 doesn't have the same issue.
In os.execve(), posix_error() is used, but it is based on errno, which is
correct. (A funny bit is that os.execve('', ['a'], {}) crashes in 2.7, probably
because of some checks in CRT).
Alexey Izbyshev added the comment:
Such casts will also trigger a CFI violation if somebody tries to build Python
(and the libc, in this case) with a signature-based CFI [1, 2]. It checks that
the compile-time callee signature matches the signature of the actually called
function in runtime
New submission from Alexey Izbyshev :
BZ2_Malloc() checks for size < 0 at
https://github.com/python/cpython/blob/6015cc50bc38b9e920ce4986ee10658eaa14f561/Modules/_bz2module.c#L278
, but doesn't check for size == 0 before dividing by it:
if (items < 0 || size < 0)
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9497
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35090>
___
___
Py
New submission from Alexey Izbyshev :
gallop_left() and gallop_right() functions explicitly rely on overflowing
behavior of Py_ssize_t
(https://github.com/python/cpython/blob/6015cc50bc38b9e920ce4986ee10658eaa14f561/Objects/listobject.c#L1361):
ofs = (ofs << 1) + 1;
if (of
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9498
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35091>
___
___
Py
Alexey Izbyshev added the comment:
May be we should add a new function (_PyMem_RawMallocItems?) that does the same
checks as PyMem_RawCalloc, but doesn't zero-initialize memory?
--
___
Python tracker
<https://bugs.python.org/is
Change by Alexey Izbyshev :
--
title: bz2: Potential division by zero in BZ2_Malloc() -> Potential division by
zero and integer overflow in allocator wrappers
___
Python tracker
<https://bugs.python.org/issu
Alexey Izbyshev added the comment:
Thanks, Victor. Regarding backporting, what about integer overflow? Do you
think it's guaranteed that the multiple of items and size always fits in 32-bit
types, in case of BZ2_Malloc and PyZlib_Malloc?
--
resolution: fixed ->
status
Alexey Izbyshev added the comment:
Sorry for changing the status, it's browser caching again.
--
resolution: -> fixed
status: open -> closed
versions: -Python 3.6, Python 3.7
___
Python tracker
<https://bugs.python.
Change by Alexey Izbyshev :
--
pull_requests: +9507
___
Python tracker
<https://bugs.python.org/issue35091>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
pull_requests: +9520
___
Python tracker
<https://bugs.python.org/issue35091>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alexey Izbyshev added the comment:
> This doesn't actually matter - the code can never trigger.
Yes, I considered this, and wondered why assert wasn't used in the first place,
but the explicit check with a comment suggested that possibility of overflow
was deemed real.
I&#
New submission from Alexey Izbyshev :
Non-existing __GNUC_MAJOR__ macro is used to check for GCC version at
https://github.com/python/cpython/blob/b942707fc23454a998323c17e30be78ff1a4f0e7/Include/pyerrors.h#L97
. __GNUC__ should be used instead.
--
components: Interpreter Core
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9609
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35147>
___
___
Py
Change by Alexey Izbyshev :
--
pull_requests: +9611
___
Python tracker
<https://bugs.python.org/issue35147>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alexey Izbyshev :
--
pull_requests: +9612
___
Python tracker
<https://bugs.python.org/issue35147>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alexey Izbyshev :
==24122==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffb1c62550 at pc 0x006ec66c bp 0x7fffb1c62450 sp 0x7fffb1c62448
READ of size 8 at 0x7fffb1c62550 thread T0
#0 0x6ec66b in mkpwent /scratch2/izbyshev/cpython/Modules/pwdmodule.c
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9620
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35161>
___
___
Py
New submission from Alexey Izbyshev :
I've got the following on OpenSUSE Tumbleweed (glibc 2.27):
==
FAIL: test_TimeRE_recreation_timezone (test.test_strptime.Cache
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9647
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35171>
___
___
Py
Alexey Izbyshev added the comment:
The in-tree copy of libffi was removed in #27979 (between 3.6 and 3.7) for all
platforms except Windows and macOS. Therefore, you need libffi development
package installed in your system to build CPython 3.7.
As for PIP, personally, I think that'
New submission from Alexey Izbyshev :
UBSAN with -fsanitize=implicit-integer-truncation reported a suspicious case:
testSetBlocking_overflow (test.test_socket.NonBlockingTCPTests) ...
/scratch2/izbyshev/cpython/Modules/socketmodule.c:2688:33: runtime error:
implicit conversion from type
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9695
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35191>
___
___
Py
New submission from Alexey Izbyshev :
UBSan with -fsanitize=implicit-integer-truncation found a suspicious one:
/scratch2/izbyshev/cpython/Modules/cjkcodecs/_codecs_jp.c:43:17: runtime error:
implicit conversion from type 'unsigned int' of value 4294966013 (32-bit,
unsigned) to type
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9700
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35194>
___
___
Py
Change by Alexey Izbyshev :
--
pull_requests: +9706
___
Python tracker
<https://bugs.python.org/issue35194>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alexey Izbyshev added the comment:
I've added 'assert' to macros. Since 'typeof' seems to be disallowed in Python,
I've used 'unsigned int' as the type of an intermediate variable.
Another alternative is 'assert(0 <= (c) &&
Alexey Izbyshev added the comment:
> Maybe test "Py_CHARMASK(c) == (c)"?
This is a good alternative if multiple evaluation of 'c' is acceptable. Though
I'd prefer '(unsigned char)c == c' for this style of fixing because it is bit
closer
Change by Alexey Izbyshev :
--
pull_requests: +9707
___
Python tracker
<https://bugs.python.org/issue35194>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alexey Izbyshev added the comment:
I've checked than other macros in Modules/cjkcodecs/cjkcodecs.h don't avoid
multiple argument evaluation (e.g. OUTCHAR2, _TRYMAP_ENC), so I've changed
'assert' to a variant
Alexey Izbyshev added the comment:
OUTCHAR2 is a wrong example. Other examples are NEXT_IN, NEXT_OUT.
--
___
Python tracker
<https://bugs.python.org/issue35
New submission from Alexey Izbyshev :
address_in_range() in Objects/obmalloc.c may access memory that is mapped but
is considered free by the underlying libc allocator. In #18596, address
sanitizing was disabled for this function. But thread and memory sanitizers
similarly trip on this
Change by Alexey Izbyshev :
--
keywords: +patch
pull_requests: +9714
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue35204>
___
___
Py
Alexey Izbyshev added the comment:
I've submitted a PR which implements the change with additional cleanups.
GCC introduced TSan together with ASan in 4.8[1], but didn't provide a macro to
test for -fsanitize=thread option until 7[2,3].
[1] https://gcc.gnu.org/gcc-4.8/chang
Alexey Izbyshev added the comment:
Victor, you moved declarations of some functions to other headers, but didn't
include the new headers into files that implement the functions in some cases.
For example, _PyGILState_Init was moved into
Include/internal/pycore_lifecycle
Change by Alexey Izbyshev :
--
nosy: +izbyshev
___
Python tracker
<https://bugs.python.org/issue35214>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alexey Izbyshev :
This issue is a follow-up of msg329608 of #35081.
GCC and Clang have -Wmissing-prototypes[1] diagnostic that is reported if a
global function is defined without a previous declaration containing a
prototype. The reasons may be the following:
1) The
Alexey Izbyshev added the comment:
> Oh, I never saw this warning before. It seems to not be included in -Wall.
> Would you mind to open a new issue to discuss it?
Victor, I've opened #35258 as you suggested.
--
___
Python trac
New submission from Alexey Borzenkov:
A user reported getting a TypeError when building greenlet on OS X with Python
2.7.4 built with homebrew. The TypeError happens because we subclass build_ext
so before building extensions we can change compiler's compiler_so. The problem
is that in
Alexey Borzenkov added the comment:
I was unaware of this issue (which homebrew works around incorrectly), and
because of this I created issue 18580. The problem is indeed with unicode
strings which are coming from _read_output in _osx_support. This is probably
because this code was merged
Alexey Borzenkov added the comment:
Also, to reproduce it you have to temporarily move away your /usr/bin/cc and
/usr/bin/clang, which then triggers the affected code path.
--
___
Python tracker
<http://bugs.python.org/issue18
Changes by Alexey Smirnov :
--
nosy: +alexey-smirnov
___
Python tracker
<http://bugs.python.org/issue14886>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alexey Boriskin:
Zipfile._extract_member does not preserve file permissions while extracting it.
As may be seen at link[1], raw open() is used and no os.chmod() applied after
that, therefore any permission data stored in zipfile is dropped and file is
created with default
Changes by Alexey Boriskin :
--
hgrepos: +147
___
Python tracker
<http://bugs.python.org/issue15795>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alexey Boriskin added the comment:
I'm attaching a patch, which solves the issue. Patch intoduces new argument
"preserve_permissions" for extract and extractall methods. That argument may
accept one of the three values: do not preserve permissions, preserve a safe
subset of t
Alexey Pavlov added the comment:
For peoples who interesting in supporting building Python with mingw-w64
compiler I can get some links.
More than a year ago we start providing our own builds of Python 2.7+3.3
builded with mingw-w64 compiler.
I'm developer of MSYS2 project - modern fo
301 - 400 of 470 matches
Mail list logo
