A regression would still absolutely fail and even a flaky pass isn't
harmful as it'd fail most of the time across our N system test runs.
Windows has a low resolution timer and CI systems are prone to odd
timing so this just gives more leeway to avoid flakiness.
(cherry picked from commit 11e3548fd1)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
This doesn't happen naturally, but is allowed by the ASDL and compiler.
We don't want to change ASDL for backward compatibility reasons
(GH-57645, GH-92987)
(cherry picked from commit 200c9a8da0)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit b126196838)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
* gh-68163: Correct conversion of Rational instances to float
Also document that numerator/denominator properties are instances of Integral.
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
(cherry picked from commit 8464b754c4)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca94520
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
If kernel fips is enabled, we get permission error upon doing
`import crypt`. So, if kernel fips is enabled, disable the
unallowed hashing methods.
Python 3.9.1 (default, May 10 2022, 11:36:26)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.9/crypt.py", line 117, in <module>
_add_method('MD5', '1', 8, 34)
File "/usr/lib/python3.9/crypt.py", line 94, in _add_method
result = crypt('', salt)
File "/usr/lib/python3.9/crypt.py", line 82, in crypt
return _crypt.crypt(word, salt)
PermissionError: [Errno 1] Operation not permitted
Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
(cherry picked from commit 2fa03b1b07)
Co-authored-by: Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com>
Tests for IsolatedAsyncioTestCase.debug() rely on the runner be closed
in __del__. It makes tests depending on the GC an unreliable on other
implementations. It is better to tear down the loop explicitly even if
currently there is no a public API for this.
(cherry picked from commit 4de06e3cc0)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
find_unused_port() has an inherent race condition, but we can't use
bind_port() as that uses .getsockname() which this test is exercising.
Try binding to unused ports a few times before failing.
Signed-off-by: Ross Burton <ross.burton@arm.com>
(cherry picked from commit df11012697)
Co-authored-by: Ross Burton <ross.burton@arm.com>
'/Tab' should have been removed from the font page label
when the tab-spaces setting was moved to the Windows page.
(cherry picked from commit f6b811059a)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
GH-91242 replaced the Windows chm help file with a copy
of the html docs. This PR replaces the IDLE code that
fetches the Windows local help url passed to os.startfile.
Co-authored-by: Steve Dower
(cherry picked from commit bdb2cf8e91)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
'IDLE Help' was a plain text file. It was superceded years ago
by a copy of the much more complete html doc. .
(cherry picked from commit 05a0f37029)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Under certain build conditions, test_check_c_globals fails. This fix takes the same approach as we took for gh-84236 (via gh-20095). We'll be removing use of distutils in the c-analyzer at some point. Until then we'll hide the warning filter.
(cherry picked from commit 3ff6d9affb)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
This PR fixes the error message from float(s) in the case where s contains only whitespace.
(cherry picked from commit 97e9cfa75a)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
This enables accessing IDLE as 'idlelib' in the Doc Module listing.
(cherry picked from commit 70fc9641b5)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Change in idlelib.browser, line 54
cherrypicked from 3680ebed7f
(cherry picked from commit 1a22ec5d69)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
`dataclass` was called as a function when it was almost certainly intended to be a decorator.
(cherry picked from commit 59e09efe88)
Co-authored-by: da-woods <dw-git@d-woods.co.uk>
Document what I (TJR) currently do for 3.10/3.11.
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
(cherry picked from commit a302a27489)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Update menu item position and capitalization.
Add paragraph about search.
For help.html, include save-as addition.
(cherry picked from commit 834064c19a)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
File name extensions may or may not be shown for the current name
and are added in an OS-dependent manner if not given for the new
name.
(cherry picked from commit 9890f86ae2)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154443)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
(cherry picked from commit 698fa8bf60)
Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@protonmail.com>
If one selects whole lines, as the sidebar makes easy, do not
add an extra line. Only move the end of a selection to the
beginning of the next line when not already at the beginning
of a line. (Also improve the surrounding code.)
(cherry picked from commit fc31a13dc1)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
