: Kristján Valur Jónsson; python-dev@python.org
> > Subject: Re: [Python-Dev] XXX - in funcobject.c
> >
> > Yet Another Kind Of Tuple... However this seems the correct thing to
> > do.
> >
> > In addition, if we agree to restrict arguments names to str (and
> > disa
> -Original Message-
> From: Amaury Forgeot d'Arc [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, February 06, 2008 00:02
> To: Guido van Rossum
> Cc: Kristján Valur Jónsson; python-dev@python.org
> Subject: Re: [Python-Dev] XXX - in funcobject.c
>
> Yet Ano
On Feb 5, 2008 4:02 PM, Amaury Forgeot d'Arc <[EMAIL PROTECTED]> wrote:
> Guido van Rossum wrote:
> > Thanks Amaury! Do you think it would be sufficient to change the
> > PyString_Check() call in PyEval_EvalCodeEx into a
> > PyString_CheckExact() call?
>
> This would prevent this "attack", but woul
Guido van Rossum wrote:
> Thanks Amaury! Do you think it would be sufficient to change the
> PyString_Check() call in PyEval_EvalCodeEx into a
> PyString_CheckExact() call?
This would prevent this "attack", but would remain fragile - future
developments could allow execution of python code somewhe
On Feb 5, 2008 2:07 PM, Amaury Forgeot d'Arc <[EMAIL PROTECTED]> wrote:
> Guido van Rossum wrote:
> > I think we really *are* talking about the caller -- the caller owns
> > the dict, if it managed to delete something from the dict before the
> > callee can incref it, you'd have trouble. I don't im
Guido van Rossum wrote:
> I think we really *are* talking about the caller -- the caller owns
> the dict, if it managed to delete something from the dict before the
> callee can incref it, you'd have trouble. I don't immediately see how
> this could happen, which is probably why I left it as an XXX
I think we really *are* talking about the caller -- the caller owns
the dict, if it managed to delete something from the dict before the
callee can incref it, you'd have trouble. I don't immediately see how
this could happen, which is probably why I left it as an XXX
comment...
--Guido
On Feb 5,
