From: Benjamin Peterson Date: Tue, 14 Jan 2014 04:06:14 +0000 (-0500) Subject: complain when nbytes > buflen to fix possible buffer overflow (closes #20246) X-Git-Tag: 3.1~8 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=92acc9fa2a338db3aa929d0ef3221ed7f0726694;p=thirdparty%2FPython%2Fcpython.git complain when nbytes > buflen to fix possible buffer overflow (closes #20246) --- 92acc9fa2a338db3aa929d0ef3221ed7f0726694 diff --cc Lib/test/test_socket.py index 6a9497bc7d2f,c7ad1217e4f4..c242a5799103 --- a/Lib/test/test_socket.py +++ b/Lib/test/test_socket.py @@@ -1420,10 -1609,27 +1420,18 @@@ class BufferIOTest(SocketConnectedTest) msg = buf[:len(MSG)] self.assertEqual(msg, MSG) - _testRecvFromIntoBytearray = _testRecvFromIntoArray - - def testRecvFromIntoMemoryview(self): - buf = bytearray(1024) - nbytes, addr = self.cli_conn.recvfrom_into(memoryview(buf)) - self.assertEqual(nbytes, len(MSG)) - msg = buf[:len(MSG)] - self.assertEqual(msg, MSG) - - _testRecvFromIntoMemoryview = _testRecvFromIntoArray + def _testRecvFromInto(self): + buf = bytes(MSG) + self.serv_conn.send(buf) + def testRecvFromIntoSmallBuffer(self): + # See issue #20246. + buf = bytearray(8) + self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024) + + def _testRecvFromIntoSmallBuffer(self): - with test_support.check_py3k_warnings(): - buf = buffer(MSG*2048) - self.serv_conn.send(buf) ++ self.serv_conn.send(MSG*2048) + TIPC_STYPE = 2000 TIPC_LOWER = 200 diff --cc Misc/ACKS index e74324f11236,2d778a43c6ed..0de41015b6de --- a/Misc/ACKS +++ b/Misc/ACKS @@@ -757,6 -977,9 +757,7 @@@ Kragen Sitake Eric V. Smith Christopher Smith Gregory P. Smith -Roy Smith + Ryan Smith-Roberts Rafal Smotrzyk Dirk Soede Paul Sokolovsky diff --cc Misc/NEWS index d3f8b2ff8642,17e61fdf68fb..437acbf33ffc --- a/Misc/NEWS +++ b/Misc/NEWS @@@ -13,484 -12,571 +13,486 @@@ Core and Builtin Library ------- + - Issue #20246: Fix buffer overflow in socket.recvfrom_into. + -- Issue #19082: Working SimpleXMLRPCServer and xmlrpclib examples, both in - modules and documentation. +- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler. -- Issue #13107: argparse and optparse no longer raises an exception when output - a help on environment with too small COLUMNS. Based on patch by - Elazar Gershuni. +- Issue #14984: On POSIX systems, when netrc is called without a filename + argument (and therefore is reading the user's $HOME/.netrc file), it now + enforces the same security rules as typical ftp clients: the .netrc file must + be owned by the user that owns the process and must not be readable by any + other user. -- Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly - asked for. +- Issue #16248: Disable code execution from the user's home directory by tkinter + when the -E flag is passed to Python. -- Issue #20072: Fixed multiple errors in tkinter with wantobjects is False. -- Issue #1065986: pydoc can now handle unicode strings. +What's New in Python 3.1.5? +=========================== -- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to - limit line length. Patch by Emil Lind. +*Release date: 2012-04-08* -- Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl - module, rather than silently let them emit clear text data. +Core and Builtins +----------------- -- Issue #20027: Fixed locale aliases for devanagari locales. +- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED + environment variable, to provide an opt-in way to protect against denial of + service attacks due to hash collisions within the dict and set types. Patch + by David Malcolm, based on work by Victor Stinner. -- Issue #20067: Tkinter variables now work when wantobjects is false. +Library +------- -- Issue #19020: Tkinter now uses splitlist() instead of split() in configure - methods. +- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash + table internal to the pyexpat module's copy of the expat library to avoid a + denial of service due to hash collisions. Patch by David Malcolm with some + modifications by the expat project. -- Issue #12226: HTTPS is now used by default when connecting to PyPI. +- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in + SimpleXMLRPCServer upon malformed POST request. -- Issue #20048: Fixed ZipExtFile.peek() when it is called on the boundary of - the uncompress buffer and read() goes through more than one readbuffer. +- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC + IV attack countermeasure. -- Issue #20034: Updated alias mapping to most recent locale.alias file - from X.org distribution using makelocalealias.py. +- Issue #11603: Fix a crash when __str__ is rebound as __repr__. Patch by + Andreas Stührk. -- Issue #5815: Fixed support for locales with modifiers. Fixed support for - locale encodings with hyphens. -- Issue #20026: Fix the sqlite module to handle correctly invalid isolation - level (wrong type). +What's New in Python 3.1.4? +=========================== -- Issue #18829: csv.Dialect() now checks type for delimiter, escapechar and - quotechar fields. Original patch by Vajrasky Kok. +*Release date: 2011-06-11* -- Issue #19855: uuid.getnode() on Unix now looks on the PATH for the - executables used to find the mac address, with /sbin and /usr/sbin as - fallbacks. +Library +------- -- Issue #20007: HTTPResponse.read(0) no more prematurely closes connection. - Original patch by Simon Sapin. +- Issue #12502: asyncore: fix polling loop with AF_UNIX sockets. -- Issue #19912: Fixed numerous bugs in ntpath.splitunc(). +- Issue #12009: Fixed regression in netrc file comment handling. -- Issue #19623: Fixed writing to unseekable files in the aifc module. - Fixed writing 'ulaw' (lower case) compressed AIFC files. +Extension Modules +----------------- -- Issue #17919: select.poll.register() again works with poll.POLLNVAL on AIX. - Fixed integer overflow in the eventmask parameter. +- Issue #12221: Replace pyexpat.__version__ with the Python version. -- Issue #17200: telnetlib's read_until and expect timeout was broken by the - fix to Issue #14635 in Python 2.7.4 to be interpreted as milliseconds - instead of seconds when the platform supports select.poll (ie: everywhere). - It is now treated as seconds once again. +What's New in Python 3.1.4 release candidate 1? +=============================================== -- Issue #19099: The struct module now supports Unicode format strings. +*Release date: 2011-05-29* -- Issue #19878: Fix segfault in bz2 module after calling __init__ twice with - non-existent filename. Initial patch by Vajrasky Kok. +Core and Builtins +----------------- -- Issue #16373: Prevent infinite recursion for ABC Set class comparisons. +- Issue #9670: Increase the default stack size for secondary threads on + Mac OS X and FreeBSD to reduce the chances of a crash instead of a + "maximum recursion depth" RuntimeError exception. + (patch by Ronald Oussoren) -- Issue #19138: doctest's IGNORE_EXCEPTION_DETAIL now allows a match when - no exception detail exists (no colon following the exception's name, or - a colon does follow but no text follows the colon). +- Correct lookup of __dir__ on objects. Among other things, this causes errors + besides AttributeError found on lookup to be propagated. -- Issue #16231: Fixed pickle.Pickler to only fallback to its default pickling - behaviour when Pickler.persistent_id returns None, but not for any other - false values. This allows false values other than None to be used as - persistent IDs. This behaviour is consistent with cPickle. +- Issue #12060: Use sig_atomic_t type and volatile keyword in the signal + module. Patch written by Charles-François Natali. -- Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with - virtual interface. Original patch by Kent Frazier. +- Issue #1195: Fix input() if it is interrupted by CTRL+d and then CTRL+c, + clear the end-of-file indicator after CTRL+d. -- Issue #11489: JSON decoder now accepts lone surrogates. +- Issue #9756: When calling a method descriptor or a slot wrapper descriptor, + the check of the object type doesn't read the __class__ attribute anymore. + Fix a crash if a class override its __class__ attribute (e.g. a proxy of the + str type). Patch written by Andreas Stührk. -- Fix test.test_support.bind_port() to not cause an error when Python was - compiled on a system with SO_REUSEPORT defined in the headers but run on - a system with an OS kernel that does not support that new socket option. +- Issue #6780: fix starts/endswith error message to mention that tuples are + accepted too. -- Issue #19633: Fixed writing not compressed 16- and 32-bit wave files on - big-endian platforms. +- Issue #5057: fix a bug in the peepholer that led to non-portable pyc files + between narrow and wide builds while optimizing BINARY_SUBSCR on non-BMP + chars (e.g. "\U00012345"[0]). -- Issue #19449: in csv's writerow, handle non-string keys when generating the - error message that certain keys are not in the 'fieldnames' list. +- Issue #11650: PyOS_StdioReadline() retries fgets() if it was interrupted + (EINTR), for example if the program is stopped with CTRL+z on Mac OS X. Patch + written by Charles-Francois Natali. -- Issue #12853: Fix NameError in distutils.command.upload. +- Issue #8651: PyArg_Parse*() functions raise an OverflowError if the file + doesn't have PY_SSIZE_T_CLEAN define and the size doesn't fit in an int + (length bigger than 2^31-1 bytes). -- Issue #19523: Closed FileHandler leak which occurred when delay was set. +- Issue #11450: Don't truncate hg version info in Py_GetBuildInfo() when + there are many tags (e.g. when using mq). Patch by Nadeem Vawda. -- Issue #1575020: Fixed support of 24-bit wave files on big-endian platforms. +- Issue #10451: memoryview objects could allow to mutate a readable buffer. + Initial patch by Ross Lagerwall. -- Issue #19480: HTMLParser now accepts all valid start-tag names as defined - by the HTML5 standard. +- Issue #10892: Don't segfault when trying to delete __abstractmethods__ from a + class. -- Issue #17827: Add the missing documentation for ``codecs.encode`` and - ``codecs.decode``. +- Issue #8020: Avoid a crash where the small objects allocator would read + non-Python managed memory while it is being modified by another thread. + Patch by Matt Bandy. -- Issue #6157: Fixed Tkinter.Text.debug(). Original patch by Guilherme Polo. +- Issue #8278: On Windows and with a NTFS filesystem, os.stat() and os.utime() + can now handle dates after 2038. -- Issue #6160: The bbox() method of tkinter.Spinbox now returns a tuple of - integers instead of a string. Based on patch by Guilherme Polo. +- issue #11828: startswith and endswith don't accept None as slice index. + Patch by Torsten Becker. -- Issue #19286: Directories in ``package_data`` are no longer added to - the filelist, preventing failure outlined in the ticket. +- Issue #4236: PyModule_Create2 now checks the import machinery directly + rather than the Py_IsInitialized flag, avoiding a Fatal Python + error in certain circumstances when an import is done in __del__. -IDLE ----- +- Issue #10596: Fix float.__mod__ to have the same behaviour as + float.__divmod__ with respect to signed zeros. -4.0 % 4.0 should be + 0.0, not -0.0. -- Issue #20058: sys.stdin.readline() in IDLE now always returns only one line. +- Issue #5587: add a repr to dict_proxy objects. Patch by David Stanek and + Daniel Urban. -- Issue #19481: print() of unicode, str or bytearray subclass instance in IDLE - no more hangs. +- Issue #11506: Trying to assign to a bytes literal should result in a + SyntaxError. -- Issue #18270: Prevent possible IDLE AttributeError on OS X when no initial - shell window is present. +Library +------- -Tests ------ +- Issue #12352: Fix a deadlock in multiprocessing.Heap when a block is freed by + the garbage collector while the Heap lock is held. -- Issue #19804: The test_find_mac test in test_uuid is now skipped if the - ifconfig executable is not available. +- Issue #985064: Make plistlib more resilient to faulty input plists. + Patch by Mher Movsisyan. -- Issue #19886: Use better estimated memory requirements for bigmem tests. +- Issue #12175: RawIOBase.readall() now returns None if read() returns None. -- Backported tests for Tkinter variables. +- Issue #12175: FileIO.readall() now raises a ValueError instead of an IOError + if the file is closed. -- Issue #19320: test_tcl no longer fails when wantobjects is false. +- Issue #12100: Don't reset incremental encoders of CJK codecs at each call to + their encode() method anymore, but continue to call the reset() method if the + final argument is True. -- Issue #19683: Removed empty tests from test_minidom. Initial patch by - Ajitesh Gupta. +- Issue #5715: In socketserver, close the server socket in the child process. -- Issue #19928: Implemented a test for repr() of cell objects. +- Issue #12124: zipimport doesn't keep a reference to zlib.decompress() anymore + to be able to unload the module. -- Issue #19595, #19987: Re-enabled a long-disabled test in test_winsound. +- Issue #10801: In zipfile, support different encodings for the header and + the filenames. -- Issue #19588: Fixed tests in test_random that were silently skipped most - of the time. Patch by Julian Gindi. +- Issue #10154, #10090: change the normalization of UTF-8 to "UTF-8" instead + of "UTF8" in the locale module as the latter is not supported MacOSX and OpenBSD. -- Issue #17883: Tweak test_tcl testLoadWithUNC to skip the test in the - event of a permission error on Windows and to properly report other - skip conditions. +- Issue #10756: atexit normalizes the exception before displaying it. Patch by + Andreas Stührk. -- Issue #17883: Backported _is_gui_available() in test.test_support to - avoid hanging Windows buildbots on test_ttk_guionly. +- Issue #8650: Make zlib module 64-bit clean. compress(), decompress() and + their incremental counterparts now raise OverflowError if given an input + larger than 4GB, instead of silently truncating the input and returning + an incorrect result. -- Issue #18702, #19572: All skipped tests now reported as skipped. +- Issue #12050: zlib.decompressobj().decompress() now clears the unconsumed_tail + attribute when called without a max_length argument. -- Issue #19085: Added basic tests for all tkinter widget options. +- Issue #12062: Fix a flushing bug when doing a certain type of I/O sequence + on a file opened in read+write mode (namely: reading, seeking a bit forward, + writing, then seeking before the previous write but still within buffered + data, and writing again). -Documentation -------------- +- Issue #1028: Tk returns invalid Unicode null in %A: UnicodeDecodeError. + With Tk < 8.5 _tkinter.c:PythonCmd() raised UnicodeDecodeError, caused + IDLE to exit. Converted to valid Unicode null in PythonCmd(). -- Issue #18840: Introduce the json module in the tutorial, and deemphasize - the pickle module. +- Issue #10419: Fix build_scripts command of distutils to handle correctly + non-ASCII scripts. Open and write the script in binary mode, but ensure that + the shebang is decodable from UTF-8 and from the encoding of the script. -- Issue #19795: Improved markup of True/False constants. +- Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional. +- Issue #11164: Stop trying to use _xmlplus in the xml module. -Whats' New in Python 2.7.6? -=========================== +- Issue #11927: SMTP_SSL now uses port 465 by default as documented. Patch + by Kasun Herath. -*Release date: 2013-11-10* +- Issue #12002: ftplib's abort() method raises TypeError. -Library -------- +- Issue #11999: fixed sporadic sync failure mailbox.Maildir due to its trying to + detect mtime changes by comparing to the system clock instead of to the + previous value of the mtime. -- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler. +- Issue #10684: shutil.move used to delete a folder on case insensitive + filesystems when the source and destination name where the same except + for the case. -IDLE ----- +- Issue #11277: mmap.mmap() calls fcntl(fd, F_FULLFSYNC) on Mac OS X to get + around a mmap bug with sparse files. Patch written by Steffen Daode Nurpmeso. -- Issue #19426: Fixed the opening of Python source file with specified encoding. +- Issue #11763: don't use difflib in TestCase.assertMultiLineEqual if the + strings are too long. -Tests ------ +- Issue #11236: getpass.getpass responds to ctrl-c or ctrl-z on terminal. -- Issue #19457: Fixed xmlcharrefreplace tests on wide build when tests are - loaded from .py[co] files. +- Issue #11768: The signal handler of the signal module only calls + Py_AddPendingCall() for the first signal to fix a deadlock on reentrant or + parallel calls. PyErr_SetInterrupt() writes also into the wake up file. -Build ------ +- Issue #11467: Fix urlparse behavior when handling urls which contains scheme + specific part only digits. Patch by Santoso Wijaya. -- Issue #15663: Revert OS X installer built-in Tcl/Tk support for 2.7.6. - Some third-party projects, such as Matplotlib and PIL/Pillow, - depended on being able to build with Tcl and Tk frameworks in - /Library/Frameworks. +- Issue #11875: collections.OrderedDict's __reduce__ was temporarily + mutating the object instead of just working on a copy. +- collections.Counter().copy() now works correctly for subclasses. -What's New in Python 2.7.6 release candidate 1? -=============================================== +- Issue #11474: Fix the bug with url2pathname() handling of '/C|/' on Windows. + Patch by Santoso Wijaya. -*Release date: 2013-10-26* +- Issue #9233: Fix json to work properly even when _json is not available. -Core and Builtins ------------------ +- Issue #11703: urllib2.geturl() does not return correct url when the original + url contains #fragment. -- Issue #18603: Ensure that PyOS_mystricmp and PyOS_mystrnicmp are in the - Python executable and not removed by the linker's optimizer. +- Issue #10019: Fixed regression in json module where an indent of 0 stopped + adding newlines and acted instead like 'None'. -- Issue #19279: UTF-7 decoder no more produces illegal unicode strings. +- Issue #5162: Treat services like frozen executables to allow child spawning + from multiprocessing.forking on Windows. -- Issue #18739: Fix an inconsistency between math.log(n) and math.log(long(n)); - the results could be off from one another by a ulp or two. +- Issue #10963: Ensure that subprocess.communicate() never raises EPIPE. -- Issue #13461: Fix a crash in the "replace" error handler on 64-bit platforms. - Patch by Yogesh Chaudhari. +- Issue #11696: Fix ID generation in msilib. -- Issue #15866: The xmlcharrefreplace error handler no more produces two XML - entities for a non-BMP character on narrow build. +- Issue #9696: Fix exception incorrectly raised by xdrlib.Packer.pack_int when + trying to pack a negative (in-range) integer. -- Issue #18184: PyUnicode_FromFormat() and PyUnicode_FromFormatV() now raise - OverflowError when an argument of %c format is out of range. +- Issue #11675: multiprocessing.[Raw]Array objects created from an integer size + are now zeroed on creation. This matches the behaviour specified by the + documentation. -- Issue #18137: Detect integer overflow on precision in float.__format__() - and complex.__format__(). +- Issue #7639: Fix short file name generation in bdist_msi. -- Issue #18038: SyntaxError raised during compilation sources with illegal - encoding now always contains an encoding name. +- Issue #11659: Fix ResourceWarning in test_subprocess introduced by #11459. + Patch by Ben Hayden. -- Issue #18019: Fix crash in the repr of dictionaries containing their own - views. +- Issue #11662: Make urllib and urllib2 ignore redirections if the + scheme is not HTTP, HTTPS or FTP (CVE-2011-1521). -- Issue #18427: str.replace could crash the interpreter with huge strings. +- Issue #5537: Fix time2isoz() and time2netscape() functions of + httplib.cookiejar for expiration year greater than 2038 on 32-bit systems. -Library -------- +- Issue #11459: A ``bufsize`` value of 0 in subprocess.Popen() really creates + unbuffered pipes, such that select() works properly on them. -- Issue #19393: Fix symtable.symtable function to not be confused when there are - functions or classes named "top". +- Issue #5421: Fix misleading error message when one of socket.sendto()'s + arguments has the wrong type. Patch by Nikita Vetoshkin. -- Issue #19327: Fixed the working of regular expressions with too big charset. +- Issue #11401: fix handling of headers with no value; this fixes a regression + relative to Python2 and the result is now the same as it was in Python2. -- Issue #19350: Increasing the test coverage of macurl2path. Patch by Colin - Williams. +- Issue #9298: base64 bodies weren't being folded to line lengths less than 78, + which was a regression relative to Python2. Unlike Python2, the last line + of the folded body now ends with a carriage return. -- Issue #19352: Fix unittest discovery when a module can be reached - through several paths (e.g. under Debian/Ubuntu with virtualenv). +- Issue #11569: use absolute path to the sysctl command in multiprocessing to + ensure that it will be found regardless of the shell PATH. This ensures + that multiprocessing.cpu_count works on default installs of MacOSX. -- Issue #15207: Fix mimetypes to read from correct part of Windows registry - Original patch by Dave Chambers +- Issue #11501: disutils.archive_utils.make_zipfile no longer fails if zlib is + not installed. Instead, the zipfile.ZIP_STORED compression is used to create + the ZipFile. Patch by Natalia B. Bidart. -- Issue #8964: fix platform._sys_version to handle IronPython 2.6+. - Patch by Martin Matusiak. +- Issue #11491: dbm.error is no longer raised when dbm.open is called with + the "n" as the flag argument and the file exists. The behavior matches + the documentation and general logic. -- Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by - limiting the call to readline(). Original patch by Michał - Jastrzębski and Giampaolo Rodola. +- Issue #11131: Fix sign of zero in decimal.Decimal plus and minus + operations when the rounding mode is ROUND_FLOOR. -- Issue #19276: Fixed the wave module on 64-bit big-endian platforms. +- Issue #5622: Fix curses.wrapper to raise correct exception if curses + initialization fails. -- Issue #18458: Prevent crashes with newer versions of libedit. Its readline - emulation has changed from 0-based indexing to 1-based like gnu readline. - Original patch by Ronald Oussoren. +- Issue #11391: Writing to a mmap object created with + ``mmap.PROT_READ|mmap.PROT_EXEC`` would segfault instead of raising a + TypeError. Patch by Charles-François Natali. -- Issue #18919: If the close() method of a writer in the sunau or wave module - failed, second invocation of close() and destructor no more raise an - exception. Second invocation of close() on sunau writer now has no effects. - The aifc module now accepts lower case of names of the 'ulaw' and 'alaw' - codecs. +- Issue #11265: asyncore now correctly handles EPIPE, EBADF and EAGAIN errors + on accept(), send() and recv(). -- Issue #19131: The aifc module now correctly reads and writes sampwidth of - compressed streams. +- Issue #10276: Fix the results of zlib.crc32() and zlib.adler32() on buffers + larger than 4GB. Patch by Nadeem Vawda. -- Issue #19158: a rare race in BoundedSemaphore could allow .release() too - often. +- Issue #4681: Allow mmap() to work on file sizes and offsets larger than + 4GB, even on 32-bit builds. Initial patch by Ross Lagerwall, adapted for + 32-bit Windows. -- Issue #18037: 2to3 now escapes '\u' and '\U' in native strings. +- email.header.Header was incorrectly encoding folding white space when + rfc2047-encoding header values with embedded newlines, leaving them + without folding whitespace. It now uses the continuation_ws, as it + does for continuation lines that it creates itself. -- Issue #19137: The pprint module now correctly formats empty set and frozenset - and instances of set and frozenset subclasses. +- Issue #10360: In WeakSet, do not raise TypeErrors when testing for + membership of non-weakrefable objects. -- Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to - prevent readline() calls from consuming too much memory. Patch by Jyrki - Pulliainen. +- Issue #10549: Fix pydoc traceback when text-documenting certain classes. -- Issue #12641: Avoid passing "-mno-cygwin" to the mingw32 compiler, except - when necessary. Patch by Oscar Benjamin. +- Issue #11110: Fix _sqlite to not deref a NULL when module creation fails. -- Properly initialize all fields of a SSL object after allocation. +- Issue #11089: Fix performance issue limiting the use of ConfigParser() + with large config files. -- Issue #4366: Fix building extensions on all platforms when --enable-shared - is used. +- Issue #8275: Fix passing of callback arguments with ctypes under Win64. + Patch by Stan Mihai. -- Issue #18950: Fix miscellaneous bugs in the sunau module. - Au_read.readframes() now updates current file position and reads correct - number of frames from multichannel stream. Au_write.writeframesraw() now - correctly updates current file position. Au_read and Au_write now correctly - work with file object if start file position is not a zero. +- Issue #11053: Fix IDLE "Syntax Error" windows to behave as in 2.x, + preventing a confusing hung appearance on OS X with the windows + obscured. -- Issue #18050: Fixed an incompatibility of the re module with Python 2.7.3 - and older binaries. +- Issue #11052: Correct IDLE menu accelerators on Mac OS X for Save + commands. -- Issue #19037: The mailbox module now makes all changes to maildir files - before moving them into place, to avoid race conditions with other programs - that may be accessing the maildir directory. +- Issue #11020: Command-line pyclbr was broken because of missing 2-to-3 + conversion. -- Issue #14984: On POSIX systems, when netrc is called without a filename - argument (and therefore is reading the user's $HOME/.netrc file), it now - enforces the same security rules as typical ftp clients: the .netrc file must - be owned by the user that owns the process and must not be readable by any - other user. +- Issue #10974: IDLE no longer crashes if its recent files list includes files + with non-ASCII characters in their path names. -- Issue #17324: Fix http.server's request handling case on trailing '/'. Patch - contributed by Vajrasky Kok. +- Issue #10987: Fix the recursion limit handling in the _pickle module. -- Issue #19018: The heapq.merge() function no longer suppresses IndexError - in the underlying iterables. +- Issue #10949: Improved robustness of rotating file handlers. -- Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, - if all necessary functions are already found in libuuid. - Patch by Evgeny Sologubov. +- Issue #10955: Fix a potential crash when trying to mmap() a file past its + length. Initial patch by Ross Lagerwall. -- Issue #14971: unittest test discovery no longer gets confused when a function - has a different __name__ than its name in the TestCase class dictionary. +- Issue #10898: Allow compiling the posix module when the C library defines + a symbol named FSTAT. -- Issue #18672: Fixed format specifiers for Py_ssize_t in debugging output in - the _sre module. +- Issue #10916: mmap should not segfault when a file is mapped using 0 as + length and a non-zero offset, and an attempt to read past the end of file + is made (IndexError is raised instead). Patch by Ross Lagerwall. -- Issue #18830: inspect.getclasstree() no more produces duplicated entries even - when input list contains duplicates. +- Issue #10899: No function type annotations in the standard library. + Removed function type annotations from _pyio.py. -- Issue #18909: Fix _tkinter.tkapp.interpaddr() on Windows 64-bit, don't cast - 64-bit pointer to long (32 bits). +- Issue #10875: Update Regular Expression HOWTO; patch by 'SilentGhost'. -- Issue #18876: The FileIO.mode attribute now better reflects the actual mode - under which the file was opened. Patch by Erik Bray. +- Issue #10869: Fixed bug where ast.increment_lineno modified the root + node twice. -- Issue #18851: Avoid a double close of subprocess pipes when the child - process fails starting. +- Issue #5871: email.header.Header.encode now raises an error if any + continuation line in the formatted value has no leading white space + and looks like a header. Since Generator uses Header to format all + headers, this check is made for all headers in any serialized message + at serialization time. This provides protection against header + injection attacks. -- Issue #18418: After fork(), reinit all threads states, not only active ones. - Patch by A. Jesse Jiryu Davis. +- Issue #7858: Raise an error properly when os.utime() fails under Windows + on an existing file. -- Issue #11973: Fix a problem in kevent. The flags and fflags fields are now - properly handled as unsigned. +- Issue #3839: wsgiref should not override a Content-Length header set by + the application. Initial patch by Clovis Fabricio. -- Issue #16809: Fixed some tkinter incompabilities with Tcl/Tk 8.6. +- Issue #10790: email.header.Header.append's charset logic now works correctly + for charsets whose output codec is different from its input codec. -- Issue #16809: Tkinter's splitlist() and split() methods now accept Tcl_Obj - argument. +- Issue #6643: Reinitialize locks held within the threading module after fork + to avoid a potential rare deadlock or crash on some platforms. -- Issue #17119: Fixed integer overflows when processing large Unicode strings - and tuples in the tkinter module. +- Issue #10806, issue #9905: Fix subprocess pipes when some of the standard + file descriptors (0, 1, 2) are closed in the parent process. Initial + patch by Ross Lagerwall. -- Issue #15233: Python now guarantees that callables registered with the atexit - module will be called in a deterministic order. +- Issue #10753 - Characters ';', '=' and ',' in the PATH_INFO environment + variable won't be quoted when the URI is constructed by the wsgiref.util's + request_uri method. According to RFC 3986, these characters can be a part of + params in PATH component of URI and need not be quoted. -- Issue #18747: Re-seed OpenSSL's pseudo-random number generator after fork. - A pthread_atfork() parent handler is used to seed the PRNG with pid, time - and some stack data. +- Issue #10738: Fix webbrowser.Opera.raise_opts -- Issue #8865: Concurrent invocation of select.poll.poll() now raises a - RuntimeError exception. Patch by Christian Schubert. +- Issue #9824: SimpleCookie now encodes , and ; in values to cater to how + browsers actually parse cookies. -- Issue #13461: Fix a crash in the TextIOWrapper.tell method on 64-bit - platforms. Patch by Yogesh Chaudhari. +- Issue #5258/#10642: if site.py encounters a .pth file that generates an error, + it now prints the filename, line number, and traceback to stderr and skips + the rest of that individual file, instead of stopping processing entirely. -- Issue #18777: The ssl module now uses the new CRYPTO_THREADID API of - OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function. +- Issue #4871: The zipfile module now gives a more useful error message if + an attempt is made to use a string to specify the archive password. -- Issue #18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok. +- Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only. -- Issue #18178: Fix ctypes on BSD. dlmalloc.c was compiled twice which broke - malloc weak symbols. +- Issue #6791: Limit header line length (to 65535 bytes) in http.client + and http.server, to avoid denial of services from the other party. -- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes - inside subjectAltName correctly. Formerly the module has used OpenSSL's - GENERAL_NAME_print() function to get the string represention of ASN.1 - strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and - ``uniformResourceIdentifier`` (URI). +- Issue #10404: Use ctl-button-1 on OSX for the context menu in Idle. -- Issue #18756: Improve error reporting in os.urandom() when the failure - is due to something else than /dev/urandom not existing (for example, - exhausting the file descriptor limit). +- Issue #4188: Avoid creating dummy thread objects when logging operations + from the threading module (with the internal verbose flag activated). -- Fix tkinter regression introduced by the security fix in issue #16248. +- Issue #9721: Fix the behavior of urljoin when the relative url starts with a + ';' character. Patch by Wes Chow. -- Issue #18676: Change 'positive' to 'non-negative' in queue.py put and get - docstrings and ValueError messages. Patch by Zhongyue Luo +- Issue #10714: Limit length of incoming request in http.server to 65536 bytes + for security reasons. Initial patch by Ross Lagerwall. -- Issue #17998: Fix an internal error in regular expression engine. +- Issue #9558: Fix distutils.command.build_ext with VS 8.0. -- Issue #17557: Fix os.getgroups() to work with the modified behavior of - getgroups(2) on OS X 10.8. Original patch by Mateusz Lenik. +- Issue #10695: passing the port as a string value to telnetlib no longer + causes debug mode to fail. -- Issue #18455: multiprocessing should not retry connect() with same socket. +- Issue #1078919: add_header now automatically RFC2231 encodes parameters + that contain non-ascii values. -- Issue #18513: Fix behaviour of cmath.rect w.r.t. signed zeros on OS X 10.8 + - gcc. +- Issue #10107: Warn about unsaved files in IDLE on OSX. -- Issue #18101: Tcl.split() now process Unicode strings nested in a tuple as it - do with byte strings. +- Issue #7904: Changes to urllib.parse.urlsplit to handle schemes as defined by + RFC3986. Anything before :// is considered a scheme and is followed by an + authority (or netloc) and by '/' led path, which is optional. -- Issue #18347: ElementTree's html serializer now preserves the case of - closing tags. +- Issue #10478: Reentrant calls inside buffered IO objects (for example by + way of a signal handler) now raise a RuntimeError instead of freezing the + current process. -- Issue #17261: Ensure multiprocessing's proxies use proper address. +- Issue #10464: netrc now correctly handles lines with embedded '#' characters. -- Issue #17097: Make multiprocessing ignore EINTR. +- Issue #1731717: Fixed the problem where subprocess.wait() could cause an + OSError exception when The OS had been told to ignore SIGCLD in our process + or otherwise not wait for exiting child processes. -- Issue #18155: The csv module now correctly handles csv files that use - a delimiter character that has a special meaning in regexes, instead of - throwing an exception. +- Issue #11500: Fixed a bug in the os x proxy bypass code for fully qualified + IP addresses in the proxy exception list. -- Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if the input - string in longer than 2 gigabytes. The ssl module does not support partial - write. +Extension Modules +----------------- -- Issue #18167: cgi.FieldStorage no longer fails to handle multipart/form-data - when \r\n appears at end of 65535 bytes without other newlines. +- Issue #12051: Fix segfault in json.dumps() while encoding highly-nested + objects using the C accelerations. -- Issue #17403: urllib.parse.robotparser normalizes the urls before adding to - ruleline. This helps in handling certain types invalid urls in a conservative - manner. Patch contributed by Mher Movsisyan. +- Issue #12017: Fix segfault in json.loads() while decoding highly-nested + objects using the C accelerations. -- Implement inequality on weakref.WeakSet. +- Issue #1838: Prevent segfault in ctypes, when _as_parameter_ on a class is set + to an instance of the class. -- Issue #17981: Closed socket on error in SysLogHandler. +- Issue #678250: Make mmap flush a noop on ACCESS_READ and ACCESS_COPY. -- Issue #18015: Fix unpickling of 2.7.3 and 2.7.4 namedtuples. +Build +----- -- Issue #17754: Make ctypes.util.find_library() independent of the locale. +- Issue #11411: Fix 'make DESTDIR=' with a relative destination. -- Fix typos in the multiprocessing module. +- Issue #11184: Fix large-file support on AIX. -- Issue #17269: Workaround for socket.getaddrinfo crash on MacOS X - with port None or "0" and flags AI_NUMERICSERV. +- Issue #941346: Fix broken shared library build on AIX. -- Issue #18080: When building a C extension module on OS X, if the compiler - is overriden with the CC environment variable, use the new compiler as - the default for linking if LDSHARED is not also overriden. This restores - Distutils behavior introduced in 2.7.3 and inadvertently dropped in 2.7.4. +- Issue #7716: Under Solaris, don't assume existence of /usr/xpg4/bin/grep in + the configure script but use $GREP instead. Patch by Fabian Groffen. -- Issue #18071: C extension module builds on OS X could fail with TypeError - if the Xcode command line tools were not installed. +- Issue #10475: Don't hardcode compilers for LDSHARED/LDCXXSHARED on NetBSD + and DragonFly BSD. Patch by Nicolas Joly. -- Issue #18113: Fixed a refcount leak in the curses.panel module's - set_userptr() method. Reported by Atsuo Ishimoto. +- Issue #10655: Fix the build on PowerPC on Linux with GCC when building with + timestamp profiling (--with-tsc): the preprocessor test for the PowerPC + support now looks for "__powerpc__" as well as "__ppc__": the latter seems to + only be present on OS X; the former is the correct one for Linux with GCC. -- Issue #18849: Fixed a Windows-specific tempfile bug where collision with an - existing directory caused mkstemp and related APIs to fail instead of - retrying. Report and fix by Vlad Shcherbina. - -- Issue #19400: Prevent extension module build failures with Xcode 5 on OS X - 10.8+ when using a universal Python that included a PPC architecture, - such as with a python.org 32-bit-only binary installer. - -Tools/Demos ------------ - -- Issue #18873: 2to3 and the findnocoding.py script now detect Python source - code encoding only in comment lines. - -- Issue #18817: Fix a resource warning in Lib/aifc.py demo. - -- Issue #18439: Make patchcheck work on Windows for ACKS, NEWS. - -- Issue #18448: Fix a typo in Demo/newmetaclasses/Eiffel.py. - -- Issue #12990: The "Python Launcher" on OSX could not launch python scripts - that have paths that include wide characters. - -Build ------ - -- Issue #16067: Add description into MSI file to replace installer's temporary name. - -- Issue #18256: Compilation fix for recent AIX releases. Patch by - David Edelsohn. - -- Issue #18098: The deprecated OS X Build Applet.app fails to build on - OS X 10.8 systems because the Apple-deprecated QuickDraw headers have - been removed from Xcode 4. Skip building it in this case. - -- Issue #1584: Provide options to override default search paths for - Tcl and Tk when building _tkinter. - -- Issue #15663: Tcl/Tk 8.5.15 is now included with the OS X 10.6+ - 64-bit/32-bit installer for 10.6+. It is no longer necessary - to install a third-party version of Tcl/Tk 8.5 to work around the - problems in the Apple-supplied Tcl/Tk 8.5 shipped in OS X 10.6 - and later releases. - -- Issue #19019: Change the OS X installer build script to use CFLAGS instead - of OPT for special build options. By setting OPT, some compiler-specific - options like -fwrapv were overridden and thus not used, which could result - in broken interpreters when building with clang. - -IDLE ----- - -- Issue #18873: IDLE now detects Python source code encoding only in comment - lines. - -- Issue #18988: The "Tab" key now works when a word is already autocompleted. - -- Issue #18489: Add tests for SearchEngine. Original patch by Phil Webster. - -- Issue #18429: Format / Format Paragraph, now works when comment blocks - are selected. As with text blocks, this works best when the selection - only includes complete lines. - -- Issue #18226: Add docstrings and unittests for FormatParagraph.py. - Original patches by Todd Rovito and Phil Webster. - -- Issue #18279: Format - Strip trailing whitespace no longer marks a file as - changed when it has not been changed. This fix followed the addition of a - test file originally written by Phil Webster (the issue's main goal). - -- Issue #18539: Calltips now work for float default arguments. - -- Issue #7136: In the Idle File menu, "New Window" is renamed "New File". - Patch by Tal Einat, Roget Serwy, and Todd Rovito. - -- Issue #8515: Set __file__ when run file in IDLE. - Initial patch by Bruce Frederiksen. - -- Issue #5492: Avoid traceback when exiting IDLE caused by a race condition. - -- Issue #17511: Keep IDLE find dialog open after clicking "Find Next". - Original patch by Sarah K. - -- Issue #15392: Create a unittest framework for IDLE. - Preliminary patch by Rajagopalasarma Jayakrishnan - See Lib/idlelib/idle_test/README.txt for how to run Idle tests. - -- Issue #14146: Highlight source line while debugging on Windows. - -- Issue #17532: Always include Options menu for IDLE on OS X. - Patch by Guilherme Simões. +- Issue #1099: Fix the build on MacOSX when building a framework with pydebug + using GCC 4.0. Tests ----- diff --cc Modules/socketmodule.c index 5e911e058480,27df333b7a7e..ebaebf51d168 --- a/Modules/socketmodule.c +++ b/Modules/socketmodule.c @@@ -2494,20 -2742,27 +2494,26 @@@ sock_recvfrom_into(PySocketSockObject * if (recvlen == 0) { /* If nbytes was not specified, use the buffer's length */ recvlen = buflen; + } else if (recvlen > buflen) { ++ PyBuffer_Release(&pbuf); ++ Py_XDECREF(addr); + PyErr_SetString(PyExc_ValueError, + "nbytes is greater than the length of the buffer"); - goto error; ++ return NULL; } - readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); + readlen = sock_recvfrom_guts(s, buf, recvlen, flags, &addr); if (readlen < 0) { + PyBuffer_Release(&pbuf); /* Return an error */ - goto error; + Py_XDECREF(addr); + return NULL; } - PyBuffer_Release(&buf); + PyBuffer_Release(&pbuf); /* Return the number of bytes read and the address. Note that we do not do anything special here in the case that readlen < recvlen. */ - return Py_BuildValue("lN", readlen, addr); - -error: - Py_XDECREF(addr); - PyBuffer_Release(&buf); - return NULL; + return Py_BuildValue("nN", readlen, addr); } PyDoc_STRVAR(recvfrom_into_doc,