From: Charles-François Natali Date: Sat, 18 Feb 2012 13:30:34 +0000 (+0100) Subject: Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer X-Git-Tag: v2.7.3rc1~44 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e062466480c1aa8da6fa16532ec0252988f799ba;p=python Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon malformed POST request. --- e062466480c1aa8da6fa16532ec0252988f799ba diff --cc Lib/test/test_xmlrpc.py index c88a1eeaee,b9ac2e79ca..8e65fde633 --- a/Lib/test/test_xmlrpc.py +++ b/Lib/test/test_xmlrpc.py @@@ -589,176 -492,6 +589,182 @@@ class SimpleServerTestCase(BaseServerTe # This avoids waiting for the socket timeout. self.test_simple1() ++ def test_partial_post(self): ++ # Check that a partial POST doesn't make the server loop: issue #14001. ++ conn = httplib.HTTPConnection(ADDR, PORT) ++ conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye') ++ conn.close() ++ +class MultiPathServerTestCase(BaseServerTestCase): + threadFunc = staticmethod(http_multi_server) + request_count = 2 + def test_path1(self): + p = xmlrpclib.ServerProxy(URL+"/foo") + self.assertEqual(p.pow(6,8), 6**8) + self.assertRaises(xmlrpclib.Fault, p.add, 6, 8) + def test_path2(self): + p = xmlrpclib.ServerProxy(URL+"/foo/bar") + self.assertEqual(p.add(6,8), 6+8) + self.assertRaises(xmlrpclib.Fault, p.pow, 6, 8) + +#A test case that verifies that a server using the HTTP/1.1 keep-alive mechanism +#does indeed serve subsequent requests on the same connection +class BaseKeepaliveServerTestCase(BaseServerTestCase): + #a request handler that supports keep-alive and logs requests into a + #class variable + class RequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): + parentClass = SimpleXMLRPCServer.SimpleXMLRPCRequestHandler + protocol_version = 'HTTP/1.1' + myRequests = [] + def handle(self): + self.myRequests.append([]) + self.reqidx = len(self.myRequests)-1 + return 
self.parentClass.handle(self) + def handle_one_request(self): + result = self.parentClass.handle_one_request(self) + self.myRequests[self.reqidx].append(self.raw_requestline) + return result + + requestHandler = RequestHandler + def setUp(self): + #clear request log + self.RequestHandler.myRequests = [] + return BaseServerTestCase.setUp(self) + +#A test case that verifies that a server using the HTTP/1.1 keep-alive mechanism +#does indeed serve subsequent requests on the same connection +class KeepaliveServerTestCase1(BaseKeepaliveServerTestCase): + def test_two(self): + p = xmlrpclib.ServerProxy(URL) + #do three requests. + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + + #they should have all been handled by a single request handler + self.assertEqual(len(self.RequestHandler.myRequests), 1) + + #check that we did at least two (the third may be pending append + #due to thread scheduling) + self.assertGreaterEqual(len(self.RequestHandler.myRequests[-1]), 2) + +#test special attribute access on the serverproxy, through the __call__ +#function. +class KeepaliveServerTestCase2(BaseKeepaliveServerTestCase): + #ask for two keepalive requests to be handled. + request_count=2 + + def test_close(self): + p = xmlrpclib.ServerProxy(URL) + #do some requests with close. 
+ self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + p("close")() #this should trigger a new keep-alive request + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(p.pow(6,8), 6**8) + + #they should have all been two request handlers, each having logged at least + #two complete requests + self.assertEqual(len(self.RequestHandler.myRequests), 2) + self.assertGreaterEqual(len(self.RequestHandler.myRequests[-1]), 2) + self.assertGreaterEqual(len(self.RequestHandler.myRequests[-2]), 2) + + def test_transport(self): + p = xmlrpclib.ServerProxy(URL) + #do some requests with close. + self.assertEqual(p.pow(6,8), 6**8) + p("transport").close() #same as above, really. + self.assertEqual(p.pow(6,8), 6**8) + self.assertEqual(len(self.RequestHandler.myRequests), 2) + +#A test case that verifies that gzip encoding works in both directions +#(for a request and the response) +class GzipServerTestCase(BaseServerTestCase): + #a request handler that supports keep-alive and logs requests into a + #class variable + class RequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): + parentClass = SimpleXMLRPCServer.SimpleXMLRPCRequestHandler + protocol_version = 'HTTP/1.1' + + def do_POST(self): + #store content of last request in class + self.__class__.content_length = int(self.headers["content-length"]) + return self.parentClass.do_POST(self) + requestHandler = RequestHandler + + class Transport(xmlrpclib.Transport): + #custom transport, stores the response length for our perusal + fake_gzip = False + def parse_response(self, response): + self.response_length=int(response.getheader("content-length", 0)) + return xmlrpclib.Transport.parse_response(self, response) + + def send_content(self, connection, body): + if self.fake_gzip: + #add a lone gzip header to induce decode error remotely + connection.putheader("Content-Encoding", "gzip") + return xmlrpclib.Transport.send_content(self, 
connection, body) + + def setUp(self): + BaseServerTestCase.setUp(self) + + def test_gzip_request(self): + t = self.Transport() + t.encode_threshold = None + p = xmlrpclib.ServerProxy(URL, transport=t) + self.assertEqual(p.pow(6,8), 6**8) + a = self.RequestHandler.content_length + t.encode_threshold = 0 #turn on request encoding + self.assertEqual(p.pow(6,8), 6**8) + b = self.RequestHandler.content_length + self.assertTrue(a>b) + + def test_bad_gzip_request(self): + t = self.Transport() + t.encode_threshold = None + t.fake_gzip = True + p = xmlrpclib.ServerProxy(URL, transport=t) + cm = self.assertRaisesRegexp(xmlrpclib.ProtocolError, + re.compile(r"\b400\b")) + with cm: + p.pow(6, 8) + + def test_gsip_response(self): + t = self.Transport() + p = xmlrpclib.ServerProxy(URL, transport=t) + old = self.requestHandler.encode_threshold + self.requestHandler.encode_threshold = None #no encoding + self.assertEqual(p.pow(6,8), 6**8) + a = t.response_length + self.requestHandler.encode_threshold = 0 #always encode + self.assertEqual(p.pow(6,8), 6**8) + b = t.response_length + self.requestHandler.encode_threshold = old + self.assertTrue(a>b) + +#Test special attributes of the ServerProxy object +class ServerProxyTestCase(unittest.TestCase): + def setUp(self): + unittest.TestCase.setUp(self) + if threading: + self.url = URL + else: + # Without threading, http_server() and http_multi_server() will not + # be executed and URL is still equal to None. 
'http://' is a just + # enough to choose the scheme (HTTP) + self.url = 'http://' + + def test_close(self): + p = xmlrpclib.ServerProxy(self.url) + self.assertEqual(p('close')(), None) + + def test_transport(self): + t = xmlrpclib.Transport() + p = xmlrpclib.ServerProxy(self.url, transport=t) + self.assertEqual(p('transport'), t) + # This is a contrived way to make a failure occur on the server side # in order to test the _send_traceback_header flag on the server class FailingMessageClass(mimetools.Message): diff --cc Misc/NEWS index 95e4b86882,20d39b66d1..a02641f2f9 --- a/Misc/NEWS +++ b/Misc/NEWS @@@ -93,487 -78,476 +93,490 @@@ Core and Builtin Library ------- -- Issue #9600: Don't use relative import for _multiprocessing on Windows. ++- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in ++ SimpleXMLRPCServer upon malformed POST request. + -- Issue #8688: Revert regression introduced in 2.6.6rc1 (making Distutils - recalculate MANIFEST every time). +- Issue #2489: pty.spawn could consume 100% cpu when it encountered an EOF. -- Issue #5798: Handle select.poll flag oddities properly on OS X. - This fixes test_asynchat and test_smtplib failures on OS X. +- Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert(). -- Issue #9543: Fix regression in socket.py introduced in Python 2.6.6 rc 1 - in r83624. +- Issue #13987: HTMLParser is now able to handle EOFs in the middle of a + construct and malformed start tags. -Extension Modules ------------------ +- Issue #13015: Fix a possible reference leak in defaultdict.__repr__. + Patch by Suman Saha. -- Issue #7567: Don't call `setupterm' twice. +- Issue #13979: A bug in ctypes.util.find_library that caused + the wrong library name to be returned has been fixed. -Tests ------ +- Issue #1326113: distutils' build_ext command --libraries option now + correctly parses multiple values separated by whitespace or commas. -- Issue #9568: Fix test_urllib2_localnet on OS X 10.3. 
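Review bot: `test_partial_post` makes no assertion, so a regression (the server spinning on a POST that declares `Content-Length: 100` but whose sender closes early) would surface only if the fixture's teardown notices a server thread that never finishes. That teardown lies outside this hunk, so the dependency should be confirmed and written down. I would expand the comment to explain the odd request string as well, e.g. `# Headers are injected via the URL so the declared Content-Length exceeds what is sent; the handler must stop reading once the client closes (checked by the fixture waiting for the server thread).` It would also be safer to put `conn.close()` in a `finally` so a failed `conn.request()` does not leave the socket open for later tests. The server-side change for issue #14001 is not shown in this combined diff, so whether the read loop is bounded on EOF cannot be checked from this page.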
+- Issue #13993: HTMLParser is now able to handle broken end tags. -- Issue #9145: Fix test_coercion failure in refleak runs. +- Issue #13960: HTMLParser is now able to handle broken comments. -- Issue #8433: Fix test_curses failure caused by newer versions of - ncurses returning ERR from getmouse() when there are no mouse - events available. +- Issue #9750: Fix sqlite3.Connection.iterdump on tables and fields + with a name that is a keyword or contains quotes. Patch by Marko + Kohtala. +- Issue #13994: Earlier partial revert of Distutils enhancements in 2.7 + has left two versions of customize_compiler, the original in + distutils.sysconfig and another copy in distutils.ccompiler, with some + parts of distutils calling one and others using the other. + Complete the revert back to only having one in distutils.sysconfig as + is the case in 3.x. -What's New in Python 2.6.6 rc 1? -================================ +- Issue #13590: On OS X 10.7 and 10.6 with Xcode 4.2, building + Distutils-based packages with C extension modules may fail because + Apple has removed gcc-4.2, the version used to build python.org + 64-bit/32-bit Pythons. If the user does not explicitly override + the default C compiler by setting the CC environment variable, + Distutils will now attempt to compile extension modules with clang + if gcc-4.2 is required but not found. Also as a convenience, if + the user does explicitly set CC, substitute its value as the default + compiler in the Distutils LDSHARED configuration variable for OS X. + (Note, the python.org 32-bit-only Pythons use gcc-4.0 and the 10.4u + SDK, neither of which are available in Xcode 4. This change does not + attempt to override settings to support their use with Xcode 4.) -*Release date: 2010-08-03* +- Issue #9021: Add an introduction to the copy module documentation. -Core and Builtins ------------------ +- Issue #6005: Examples in the socket library documentation use sendall, where + relevant, instead send method. 
-- Issue #6213: Implement getstate() and setstate() methods of utf-8-sig and - utf-16 incremental encoders. +- Issue #10811: Fix recursive usage of cursors. Instead of crashing, + raise a ProgrammingError now. -- Issue #8271: during the decoding of an invalid UTF-8 byte sequence, only the - start byte and the continuation byte(s) are now considered invalid, instead - of the number of bytes specified by the start byte. - E.g.: '\xf1\x80AB'.decode('utf-8', 'replace') now returns u'\ufffdAB' and - replaces with U+FFFD only the start byte ('\xf1') and the continuation byte - ('\x80') even if '\xf1' is the start byte of a 4-bytes sequence. - Previous versions returned a single u'\ufffd'. +- Issue #10881: Fix test_site failures with OS X framework builds. -- Issue #9058: Remove assertions about INT_MAX in UnicodeDecodeError. +- Issue #964437 Make IDLE help window non-modal. + Patch by Guilherme Polo and Roger Serwy. -- Issue #8941: decoding big endian UTF-32 data in UCS-2 builds could crash - the interpreter with characters outside the Basic Multilingual Plane - (higher than 0x10000). +- Issue #13933: IDLE auto-complete did not work with some imported + module, like hashlib. (Patch by Roger Serwy) -- Issue #8627: Remove bogus "Overriding __cmp__ blocks inheritance of - __hash__ in 3.x" warning. Also fix "XXX undetected error" that - arises from the "Overriding __eq__ blocks inheritance ..." warning - when turned into an exception: in this case the exception simply - gets ignored. +- Issue #13901: Prevent test_distutils failures on OS X with --enable-shared. -- Issue #4108: In urllib.robotparser, if there are multiple 'User-agent: *' - entries, consider the first one. +- Issue #13676: Handle strings with embedded zeros correctly in sqlite3. -- Issue #9354: Provide getsockopt() in asyncore's file_wrapper. +- Issue #13506: Add '' to path for IDLE Shell when started and restarted with Restart Shell. + Original patches by Marco Scataglini and Roger Serwy. 
-- In the unicode/str.format(), raise a ValueError when indexes to arguments are - too large. +- Issue #13806: The size check in audioop decompression functions was too + strict and could reject valid compressed data. Patch by Oleg Plakhotnyuk. -- Issue #3798: Write sys.exit() message to sys.stderr to use stderr encoding - and error handler, instead of writing to the C stderr file in utf-8 +- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC + IV attack countermeasure. -- Issue #7902: When using explicit relative import syntax, don't try - implicit relative import semantics. +- Issue #6631: Disallow relative file paths in urllib urlopen methods. -- Issue #7079: Fix a possible crash when closing a file object while using - it from another thread. Patch by Daniel Stutzbach. +- Issue #13781: Prevent gzip.GzipFile from using the dummy filename provided by + file objects opened with os.fdopen(). -- Issue #1533: fix inconsistency in range function argument - processing: any non-float non-integer argument is now converted to - an integer (if possible) using its __int__ method. Previously, only - small arguments were treated this way; larger arguments (those whose - __int__ was outside the range of a C long) would produce a TypeError. +- Issue #13589: Fix some serialization primitives in the aifc module. + Patch by Oleg Plakhotnyuk. -- Issue #8417: Raise an OverflowError when an integer larger than sys.maxsize - is passed to bytearray. +- Issue #13803: Under Solaris, distutils doesn't include bitness + in the directory name. -- Issue #8329: Don't return the same lists from select.select when no fds are - changed. +- Issue #13642: Unquote before b64encoding user:password during Basic + Authentication. Patch contributed by Joonas Kuorilehto and Michele Orrù. -- Raise a TypeError when trying to delete a T_STRING_INPLACE struct member. 
+- Issue #13636: Weak ciphers are now disabled by default in the ssl module + (except when SSLv2 is explicitly asked for). -- Issue #1583863: An unicode subclass can now override the __unicode__ method. +- Issue #12798: Updated the mimetypes documentation. -- Issue #7507: Quote "!" in pipes.quote(); it is special to some shells. +- Issue #13639: Accept unicode filenames in tarfile.open(mode="w|gz"). -- Issue #7544: Preallocate thread memory before creating the thread to avoid - a fatal error in low memory condition. +- Issue #1785: Fix inspect and pydoc with misbehaving descriptors. -- Issue #7820: The parser tokenizer restores all bytes in the right if - the BOM check fails. +- Issue #7502: Fix equality comparison for DocTestCase instances. Patch by + Cédric Krier. -- Issue #7072: isspace(0xa0) is true on Mac OS X +- Issue #11870: threading: Properly reinitialize threads internal locks and + condition variables to avoid deadlocks in child processes. -C-API ------ +- Issue #8035: urllib: Fix a bug where the client could remain stuck after a + redirection or an error. -- Issue #5753: A new C API function, :cfunc:`PySys_SetArgvEx`, allows - embedders of the interpreter to set sys.argv without also modifying - sys.path. This helps fix `CVE-2008-5983 - `_. +- Issue #4625: If IDLE cannot write to its recent file or breakpoint + files, display a message popup and continue rather than crash. + (original patch by Roger Serwy) -Library -------- +- tarfile.py: Correctly detect bzip2 compressed streams with blocksizes + other than 900k. -- Issue #8447: Make distutils.sysconfig follow symlinks in the path to - the interpreter executable. This fixes a failure of test_httpservers - on OS X. +- Issue #13573: The csv.writer now uses the repr() for floats rather than str(). + This allows floats to round-trip without loss of precision. -- Issue #7092: Fix the DeprecationWarnings emitted by the standard library - when using the -3 flag. Patch by Florent Xicluna. 
+- Issue #13439: Fix many errors in turtle docstrings. -- Issue #7395: Fix tracebacks in pstats interactive browser. +- Issue #12856: Ensure child processes do not inherit the parent's random + seed for filename generation in the tempfile module. Patch by Brian + Harring. -- Issue #1713: Fix os.path.ismount(), which returned true for symbolic links - across devices. +- Issue #13458: Fix a memory leak in the ssl module when decoding a + certificate with a subjectAltName. Patch by Robert Xiao. -- Issue #8826: Properly load old-style "expires" attribute in http.cookies. +- Issue #13415: os.unsetenv() doesn't ignore errors anymore. -- Issue #1690103: Fix initial namespace for code run with trace.main(). +- Issue #13322: Fix BufferedWriter.write() to ensure that BlockingIOError is + raised when the wrapped raw file is non-blocking and the write would block. + Previous code assumed that the raw write() would raise BlockingIOError, but + RawIOBase.write() is defined to returned None when the call would block. + Patch by sbt. -- Issue #5294: Fix the behavior of pdb's "continue" command when called - in the top-level debugged frame. +- Issue #13358: HTMLParser now calls handle_data only once for each CDATA. -- Issue #5727: Restore the ability to use readline when calling into pdb - in doctests. +- Issue #4147: minidom's toprettyxml no longer adds whitespace around a text + node when it is the only child of an element. Initial patch by Dan + Kenigsberg. -- Issue #6719: In pdb, do not stop somewhere in the encodings machinery - if the source file to be debugged is in a non-builtin encoding. +- Issue #8793: Prevent IDLE crash when given strings with invalid hex escape + sequences. -- Issue #8048: Prevent doctests from failing when sys.displayhook has - been reassigned. +- Issues #1745761, #755670, #13357, #12629, #1200313: HTMLParser now correctly + handles non-valid attributes, including adjacent and unquoted attributes. 
-- Issue #8015: In pdb, do not crash when an empty line is entered as - a breakpoint command. +- Issue #13193: Fix distutils.filelist.FileList under Windows. -- Issue #7909: Do not touch paths with the special prefixes ``\\.\`` - or ``\\?\`` in ntpath.normpath(). +- Issue #13373: multiprocessing.Queue.get() could sometimes block indefinitely + when called with a timeout. Patch by Arnaud Ysmal. -- Issue #5146: Handle UID THREAD command correctly in imaplib. +- Issue #3067: Enhance the documentation and docstring of + locale.setlocale(). -- Issue #5147: Fix the header generated for cookie files written by - http.cookiejar.MozillaCookieJar. +- Issue #13254: Fix Maildir initialization so that maildir contents + are read correctly. -- Issue #8198: In pydoc, output all help text to the correct stream - when sys.stdout is reassigned. +- Issue #13140: Fix the daemon_threads attribute of ThreadingMixIn. -- Issue #1019882: Fix IndexError when loading certain hotshot stats. +- Issue #2892: preserve iterparse events in case of SyntaxError. -- Issue #8471: In doctest, properly reset the output stream to an empty - string when Unicode was previously output. +- Issue #670664: Fix HTMLParser to correctly handle the content of + ```` and ````. -- Issue #8397: Raise an error when attempting to mix iteration and regular - reads on a BZ2File object, rather than returning incorrect results. +- Issue #10817: Fix urlretrieve function to raise ContentTooShortError even + when reporthook is None. Patch by Jyrki Pulliainen. -- Issue #8620: when a Cmd is fed input that reaches EOF without a final - newline, it no longer truncates the last character of the last command line. +- Issue #13296: Fix IDLE to clear compile __future__ flags on shell restart. + (Patch by Roger Serwy) -- Issue #7066: archive_util.make_archive now restores the cwd if an error is - raised. Initial patch by Ezio Melotti. +- Issue #7334: close source files on ElementTree.parse and iterparse. 
-- Issue #5006: Better handling of unicode byte-order marks (BOM) in the io - library. This means, for example, that opening an UTF-16 text file in append - mode doesn't add a BOM at the end of the file if the file isn't empty. +- Issue #13232: logging: Improved logging of exceptions in the presence of + multiple encodings. -- Issue #3704: cookielib was not properly handling URLs with a / in the - parameters. +- Issue #10332: multiprocessing: fix a race condition when a Pool is closed + before all tasks have completed. -- Issue #4629: getopt raises an error if an argument ends with = whereas getopt - doesn't except a value (eg. --help= is rejected if getopt uses ['help='] long - options). +- Issue #1548891: The cStringIO.StringIO() constructor now encodes unicode + arguments with the system default encoding just like the write() method + does, instead of converting it to a raw buffer. This also fixes handling of + unicode input in the shlex module (#6988, #1170). -- Issue #7895: platform.mac_ver() no longer crashes after calling os.fork() +- Issue #9168: now smtpd is able to bind privileged port. -- Issue #5395: array.fromfile() would raise a spurious EOFError when an - I/O error occurred. Now an IOError is raised instead. Patch by chuck - (Jan Hosang). +- Issue #12529: fix cgi.parse_header issue on strings with double-quotes and + semicolons together. Patch by Ben Darnell and Petri Lehtinen. -- Issue #1555570: email no longer inserts extra blank lines when a \r\n - combo crosses an 8192 byte boundary. +- Issue #6090: zipfile raises a ValueError when a document with a timestamp + earlier than 1980 is provided. Patch contributed by Petri Lehtinen. -- Issue #9164: Ensure sysconfig handles dupblice archs while building on OSX +- Issue #13194: zlib.compressobj().copy() and zlib.decompressobj().copy() are + now available on Windows. -- Issue #7646: The fnmatch pattern cache no longer grows without bound. 
+- Issue #13114: Fix the distutils commands check and register when the + long description is a Unicode string with non-ASCII characters. -- Issue #9136: Fix 'dictionary changed size during iteration' - RuntimeError produced when profiling the decimal module. This was - due to a dangerous iteration over 'locals()' in Context.__init__. +- Issue #7367: Fix pkgutil.walk_paths to skip directories whose + contents cannot be read. -- Fix extreme speed issue in Decimal.pow when the base is an exact - power of 10 and the exponent is tiny (for example, - Decimal(10) ** Decimal('1e-999999999')). +- Issue #7425: Prevent pydoc -k failures due to module import errors. + (Backport to 2.7 of existing 3.x fix) -- Issue #9130: Fix validation of relative imports in parser module. +- Issue #13099: Fix sqlite3.Cursor.lastrowid under a Turkish locale. + Reported and diagnosed by Thomas Kluyver. -- Issue #9128: Fix validation of class decorators in parser module. +- Issue #7689: Allow pickling of dynamically created classes when their + metaclass is registered with copy_reg. Patch by Nicolas M. Thiéry and + Craig Citro. -- Issue #7673: Fix security vulnerability (CVE-2010-2089) in the audioop - module, ensure that the input string length is a multiple of the frame size +- Issue #13058: ossaudiodev: fix a file descriptor leak on error. Patch by + Thomas Jarosch. -- Issue #6589: cleanup asyncore.socket_map in case smtpd.SMTPServer constructor - raises an exception. +- Issue #12931: xmlrpclib now encodes Unicode URI to ISO-8859-1, instead of + failing with a UnicodeDecodeError. -- Issue #9125: Add recognition of 'except ... as ...' syntax to parser module. +- Issue #8933: distutils' PKG-INFO files will now correctly report + Metadata-Version: 1.1 instead of 1.0 if a Classifier or Download-URL field is + present. -- Issue #9085: email package version number bumped to its correct - value of 4.0.2 (same as it was in 2.5). 
+- Issue #8286: The distutils command sdist will print a warning message instead + of crashing when an invalid path is given in the manifest template. -- Issue #9075: In the ssl module, remove the setting of a ``debug`` flag - on an OpenSSL structure. +- Issue #12841: tarfile unnecessarily checked the existence of numerical user + and group ids on extraction. If one of them did not exist the respective id + of the current user (i.e. root) was used for the file and ownership + information was lost. -- Issue #5610: feedparser no longer eats extra characters at the end of - a body part if the body part ends with a \r\n. +- Issue #10946: The distutils commands bdist_dumb, bdist_wininst and bdist_msi + now respect a --skip-build option given to bdist. -- Issue #8924: logging: Improved error handling for Unicode in exception text. +- Issue #12287: Fix a stack corruption in ossaudiodev module when the FD is + greater than FD_SETSIZE. -- Fix codecs.escape_encode to return the correct consumed size. +- Issue #12839: Fix crash in zlib module due to version mismatch. + Fix by Richard M. Tew. -- Issue #6470: Drop UNC prefix in FixTk. +- Issue #12786: Set communication pipes used by subprocess.Popen CLOEXEC to + avoid them being inherited by other subprocesses. -- Issue #8833: tarfile created hard link entries with a size field != 0 by - mistake. +- Issue #4106: Fix occasional exceptions printed out by multiprocessing on + interpreter shutdown. -- Issue #1368247: set_charset (and therefore MIMEText) now automatically - encodes a unicode _payload to the output_charset. +- Issue #11657: Fix sending file descriptors over 255 over a multiprocessing + Pipe. -- Issue #7150: Raise OverflowError if the result of adding or subtracting - timedelta from date or datetime falls outside of the MINYEAR:MAXYEAR range. +- Issue #12213: Fix a buffering bug with interleaved reads and writes that + could appear on io.BufferedRandom streams. 
-- Issue #6662: Fix parsing of malformatted charref (&#bad;), patch written by - Fredrik Håård +- Issue #12326: sys.platform is now always 'linux2' on Linux, even if Python + is compiled on Linux 3. -- Issue #1628205: Socket file objects returned by socket.socket.makefile() now - properly handles EINTR within the read, readline, write & flush methods. - The socket.sendall() method now properly handles interrupted system calls. +- Issue #13007: whichdb should recognize gdbm 1.9 magic numbers. -- Issue #3924: Ignore cookies with invalid "version" field in cookielib. +- Issue #9173: Let shutil._make_archive work if the logger argument is None. -- Issue #6268: Fix seek() method of codecs.open(), don't read or write the BOM - twice after seek(0). Fix also reset() method of codecs, UTF-16, UTF-32 and - StreamWriter classes. +- Issue #12650: Fix a race condition where a subprocess.Popen could leak + resources (FD/zombie) when killed at the wrong time. -- Issue #5640: Fix Shift-JIS incremental encoder for error handlers different - than strict +- Issue #12752: Fix regression which prevented locale.normalize() from + accepting unicode strings. -- Issue #8782: Add a trailing newline in linecache.updatecache to the last line - of files without one. +- Issue #12683: urlparse updated to include svn as schemes that uses relative + paths. (svn from 1.5 onwards support relative path). -- Issue #8729: Return NotImplemented from collections.Mapping.__eq__ when - comparing to a non-mapping. +- Issue #11933: Fix incorrect mtime comparison in distutils. -- Issue #5918: Fix a crash in the parser module. +- Issues #11104, #8688: Fix the behavior of distutils' sdist command with + manually-maintained MANIFEST files. -- Issue #8688: Distutils now recalculates MANIFEST everytime. +- Issue #8887: "pydoc somebuiltin.somemethod" (or help('somebuiltin.somemethod') + in Python code) now finds the doc of the method. 
-- Issue #7640: In the new `io` module, fix relative seek() for buffered - readable streams when the internal buffer isn't empty. Patch by Pascal - Chambon. +- Issue #12603: Fix pydoc.synopsis() on files with non-negative st_mtime. -- Issue #5099: subprocess.Popen.__del__ no longer references global objects, - leading to issues during interpreter shutdown. +- Issue #12514: Use try/finally to assure the timeit module restores garbage + collections when it is done. -- Issue #8681: Make the zlib module's error messages more informative when - the zlib itself doesn't give any detailed explanation. +- Issue #12607: In subprocess, fix issue where if stdin, stdout or stderr is + given as a low fd, it gets overwritten. -- Issue #8674: Fixed a number of incorrect or undefined-behaviour-inducing - overflow checks in the audioop module. +- Issue #12102: Document that buffered files must be flushed before being used + with mmap. Patch by Steffen Daode Nurpmeso. -- Issue #8571: Fix an internal error when compressing or decompressing a - chunk larger than 1GB with the zlib module's compressor and decompressor - objects. +- Issue #12560: Build libpython.so on OpenBSD. Patch by Stefan Sperling. -- Issue #8573: asyncore _strerror() function might throw ValueError. +- Issue #1813: Fix codec lookup and setting/getting locales under Turkish + locales. -- Issue #8483: asyncore.dispatcher's __getattr__ method produced confusing - error messages when accessing undefined class attributes because of the cheap - inheritance with the underlying socket object. +- Issue #10883: Fix socket leaks in urllib when using FTP. -- Issue #4265: shutil.copyfile() was leaking file descriptors when disk fills. - Patch by Tres Seaver. +- Issue #12592: Make Python build on OpenBSD 5 (and future major releases). -- Issue #8621: uuid.uuid4() returned the same sequence of values in the - parent and any children created using ``os.fork`` on MacOS X 10.6. 
+- Issue #12372: POSIX semaphores are broken on AIX: don't use them. -- Issue #8313: traceback.format_exception_only() encodes unicode message to - ASCII with backslashreplace error handler if str(value) failed +- Issue #12571: Add a plat-linux3 directory mirroring the plat-linux2 + directory, so that "import DLFCN" and other similar imports work on + Linux 3.0. -- Issue #8567: Fix precedence of signals in Decimal module: when a - Decimal operation raises multiple signals and more than one of those - signals is trapped, the specification determines the order in which - the signals should be handled. In many cases this order wasn't - being followed, leading to the wrong Python exception being raised. +- Issue #7484: smtplib no longer puts <> around addresses in VRFY and EXPN + commands; they aren't required and in fact postfix doesn't support that form. -- Issue #7865: The close() method of :mod:`io` objects should not swallow - exceptions raised by the implicit flush(). Also ensure that calling - close() several times is supported. Initial patch by Pascal Chambon. +- Issue #11603: Fix a crash when __str__ is rebound as __repr__. Patch by + Andreas Stührk. -- Issue #8581: logging: removed errors raised when closing handlers twice. +- Issue #12502: asyncore: fix polling loop with AF_UNIX sockets. -- Issue #4687: Fix accuracy of garbage collection runtimes displayed with - gc.DEBUG_STATS. +- Issue #4376: ctypes now supports nested structures in a endian different than + the parent structure. Patch by Vlad Riscutia. -- Issue #8354: The siginterrupt setting is now preserved for all signals, - not just SIGCHLD. +- Issue #12493: subprocess: Popen.communicate() now also handles EINTR errors + if the process has only one pipe. -- Issue #8577: distutils.sysconfig.get_python_inc() now makes a difference - between the build dir and the source dir when looking for "python.h" or - "Include". 
+- Issue #12467: warnings: fix a race condition if a warning is emitted at + shutdown, if globals()['__file__'] is None. -- Issue #8464: tarfile no longer creates files with execute permissions set - when mode="w|" is used. +- Issue #12352: Fix a deadlock in multiprocessing.Heap when a block is freed by + the garbage collector while the Heap lock is held. -- Issue #7834: Fix connect() of Bluetooth L2CAP sockets with recent versions - of the Linux kernel. Patch by Yaniv Aknin. +- Issue #9516: On Mac OS X, change Distutils to no longer globally attempt to + check or set the MACOSX_DEPLOYMENT_TARGET environment variable for the + interpreter process. This could cause failures in non-Distutils subprocesses + and was unreliable since tests or user programs could modify the interpreter + environment after Distutils set it. Instead, have Distutils set the the + deployment target only in the environment of each build subprocess. It is + still possible to globally override the default by setting + MACOSX_DEPLOYMENT_TARGET before launching the interpreter; its value must be + greater or equal to the default value, the value with which the interpreter + was built. -- Issue #6312: Fixed http HEAD request when the transfer encoding is chunked. - It should correctly return an empty response now. +- Issue #11802: The cache in filecmp now has a maximum size of 100 so that + it won't grow without bound. -- Issue #8086: In :func:`ssl.DER_cert_to_PEM_cert()`, fix missing newline - before the certificate footer. Patch by Kyle VanderBeek. +- Issue #12404: Remove C89 incompatible code from mmap module. Patch by Akira + Kitada. -- Issue #8549: Fix compiling the _ssl extension under AIX. Patch by - Sridhar Ratnakumar. +- Issue #11700: mailbox proxy object close methods can now be called multiple + times without error, and _ProxyFile now closes the wrapped file. 
-- Issue #2302: Fix a race condition in SocketServer.BaseServer.shutdown, - where the method could block indefinitely if called just before the - event loop started running. This also fixes the occasional freezes - witnessed in test_httpservers. +- Issue #12133: AbstractHTTPHandler.do_open() of urllib.request closes the HTTP + connection if its getresponse() method fails with a socket error. Patch + written by Ezio Melotti. -- Issue #5103: SSL handshake would ignore the socket timeout and block - indefinitely if the other end didn't respond. +- Issue #9284: Allow inspect.findsource() to find the source of doctest + functions. -- The do_handshake() method of SSL objects now adjusts the blocking mode of - the SSL structure if necessary (as other methods already do). +- Issue #10694: zipfile now ignores garbage at the end of a zipfile. -- Issue #5238: Calling makefile() on an SSL object would prevent the - underlying socket from being closed until all objects get truely destroyed. +- Issue #11583: Speed up os.path.isdir on Windows by using GetFileAttributes + instead of os.stat. -- Issue #7943: Fix circular reference created when instantiating an SSL - socket. Initial patch by Péter Szabó. +- Issue #12080: Fix a performance issue in Decimal._power_exact that caused + some corner-case Decimal.__pow__ calls to take an unreasonably long time. -- Issue #8108: Fix the unwrap() method of SSL objects when the socket has - a non-infinite timeout. Also make that method friendlier with applications - wanting to continue using the socket in clear-text mode, by disabling - OpenSSL's internal readahead. Thanks to Darryl Miles for guidance. +- Named tuples now work correctly with vars(). -- Issue #8484: Load all ciphers and digest algorithms when initializing - the _ssl extension, such that verification of some SSL certificates - doesn't fail because of an "unknown algorithm". 
+- sys.setcheckinterval() now updates the current ticker count as well as + updating the check interval, so if the user decreases the check interval, + the ticker doesn't have to wind down to zero from the old starting point + before the new interval takes effect. And if the user increases the + interval, it makes sure the new limit takes effect right away rather have an + early task switch before recognizing the new interval. -- Issue #4814: timeout parameter is now applied also for connections resulting - from PORT/EPRT commands. +- Issue #12085: Fix an attribute error in subprocess.Popen destructor if the + constructor has failed, e.g. because of an undeclared keyword argument. Patch + written by Oleg Oshmyan. -- Issue #3817: ftplib.FTP.abort() method now considers 225 a valid response - code as stated in RFC-959 at chapter 5.4. +Extension Modules +----------------- -- Issue #5277: Fix quote counting when parsing RFC 2231 encoded parameters. +- bsddb module: Erratic behaviour of "DBEnv->rep_elect()" because a typo. + Possible crash. -- Issue #8179: Fix macpath.realpath() on a non-existing path. +- Issue #13774: json: Fix a SystemError when a bogus encoding is passed to + json.loads(). -- Issue #8310: Allow dis to examine new style classes. +- Issue #9975: socket: Fix incorrect use of flowinfo and scope_id. Patch by + Vilmos Nebehaj. -- Issue #7667: Fix doctest failures with non-ASCII paths. +- Issue #13159: FileIO, BZ2File, and the built-in file class now use a + linear-time buffer growth strategy instead of a quadratic one. -- Issue #7624: Fix isinstance(foo(), collections.Callable) for old-style - classes. +- Issue #13070: Fix a crash when a TextIOWrapper caught in a reference cycle + would be finalized after the reference to its underlying BufferedRWPair's + writer got cleared by the GC. -- Issue #7512: shutil.copystat() could raise an OSError when the filesystem - didn't support chflags() (for example ZFS under FreeBSD). The error is - now silenced. 
+- Issue #12881: ctypes: Fix segfault with large structure field names. -- Issue #3890, #8222: Fix recv() and recv_into() on non-blocking SSL sockets. - Also, enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking - reads and writes are always retried by OpenSSL itself. +- Issue #13013: ctypes: Fix a reference leak in PyCArrayType_from_ctype. + Thanks to Suman Saha for finding the bug and providing a patch. -- Issue #6544: fix a reference leak in the kqueue implementation's error - handling. +- Issue #13022: Fix: _multiprocessing.recvfd() doesn't check that + file descriptor was actually received. -- Issue #7774: Set sys.executable to an empty string if argv[0] has been - set to an non existent program name and Python is unable to retrieve the real - program name +- Issue #12483: ctypes: Fix a crash when the destruction of a callback + object triggers the garbage collector. -- Issue #6906: Tk should not set Unicode environment variables on Windows. +- Issue #12950: Fix passing file descriptors in multiprocessing, under + OpenIndiana/Illumos. -- Issue #1054943: Fix unicodedata.normalize('NFC', text) for the Public Review - Issue #29 +- Issue #12764: Fix a crash in ctypes when the name of a Structure field is not + a string. -- Issue #7494: fix a crash in _lsprof (cProfile) after clearing the profiler, - reset also the pointer to the current pointer context. +- Issue #9651: Fix a crash when ctypes.create_string_buffer(0) was passed to + some functions like file.write(). -- Issue #4961: Inconsistent/wrong result of askyesno function in tkMessageBox - with Tcl/Tk-8.5. +- Issue #10309: Define _GNU_SOURCE so that mremap() gets the proper + signature. Without this, architectures where sizeof void* != sizeof int are + broken. Patch given by Hallvard B Furuseth. -- Issue #7356: ctypes.util: Make parsing of ldconfig output independent of - the locale. 
+Build +----- -Extension Modules ------------------ +- Issue #8746: Correct faulty configure checks so that os.chflags() and + os.lchflags() are once again built on systems that support these + functions (*BSD and OS X). Also add new stat file flags for OS X + (UF_HIDDEN and UF_COMPRESSED). -- Fix memory leak in ssl._ssl._test_decode_cert. +Tools/Demos +----------- -- Issue #9422: Fix memory leak when re-initializing a struct.Struct object. +- Issue #13930: 2to3 is now able to write its converted output files to another + directory tree as well as copying unchanged files and altering the file + suffix. See its new -o, -W and --add-suffix options. This makes it more + useful in many automated code translation workflows. -- Issue #7900: The getgroups(2) system call on MacOSX behaves rather oddly - compared to other unix systems. In particular, os.getgroups() does - not reflect any changes made using os.setgroups() but basicly always - returns the same information as the id command. +- Issue #10639: reindent.py no longer converts newlines and will raise + an error if attempting to convert a file with mixed newlines. - os.getgroups() can now return more than 16 groups on MacOSX. +- Issue #13628: python-gdb.py is now able to retrieve more frames in the Python + traceback if Python is optimized. -- Issue #9277: Fix bug in struct.pack for bools in standard mode - (e.g., struct.pack('>?')): if conversion to bool raised an exception - then that exception wasn't properly propagated on machines where - char is unsigned. +Tests +----- -- Issue #7384: If the system readline library is linked against - ncurses, do not link the readline module against ncursesw. The - additional restriction of linking the readline and curses modules - against the same curses library is currently not enabled. +- Issue #11689: Fix a variable scoping error in an sqlite3 test. + Initial patch by Torsten Landschoff. 
-- Issue #2810: Fix cases where the Windows registry API returns - ERROR_MORE_DATA, requiring a re-try in order to get the complete result. +- Issue #13304: Skip test case if user site-packages disabled (-s or + PYTHONNOUSERSITE). (Patch by Carl Meyer) -Build ------ +- Issue #13218: Fix test_ssl failures on Debian/Ubuntu. -- Issue #8854: Fix finding Visual Studio 2008 on Windows x64. +- Issue #12821: Fix test_fcntl failures on OpenBSD 5. -- Issue #3928: os.mknod() now available in Solaris, also. +- Issue #12331: The test suite for lib2to3 can now run from an installed + Python. -- Issue #8175: --with-universal-archs=all works correctly on OSX 10.5 +- Issue #12549: Correct test_platform to not fail when OS X returns 'x86_64' + as the processor type on some Mac systems. -- Issue #6716: Quote -x arguments of compileall in MSI installer. +- Skip network tests when getaddrinfo() returns EAI_AGAIN, meaning a temporary + failure in name resolution. -- Issue #1628484: The Makefile doesn't ignore the CFLAGS environment - variable anymore. It also forwards the LDFLAGS settings to the linker - when building a shared library. +- Issue #11812: Solve transient socket failure to connect to 'localhost' + in test_telnetlib.py. -Tests ------ +- Solved a potential deadlock in test_telnetlib.py. Related to issue #11812. -- Issue #7849: Now the utility ``check_warnings`` verifies if the warnings are - effectively raised. A new private utility ``_check_py3k_warnings`` has been - backported to help silencing py3k warnings. +- Avoid failing in test_robotparser when mueblesmoraleda.com is flaky and + an overzealous DNS service (e.g. OpenDNS) redirects to a placeholder + Web site. -- Issue #8672: Add a zlib test ensuring that an incomplete stream can be - handled by a decompressor object without errors (it returns incomplete - uncompressed data). +- Avoid failing in test_urllibnet.test_bad_address when some overzealous + DNS service (e.g. OpenDNS) resolves a non-existent domain name. 
The test + is now skipped instead. -- Issue #8629: Disable some test_ssl tests, since they give different - results with OpenSSL 1.0.0 and higher. +- Issue #8716: Avoid crashes caused by Aqua Tk on OSX when attempting to run + test_tk or test_ttk_guionly under a username that is not currently logged + in to the console windowserver (as may be the case under buildbot or ssh). -- Issue #8576: Remove use of find_unused_port() in test_smtplib and - test_multiprocessing. Patch by Paul Moore. +- Issue #12141: Install a copy of template C module file so that + test_build_ext of test_distutils is no longer silently skipped when + run outside of a build directory. -- Issue #7027: regrtest.py keeps a reference to the encodings.ascii module as a - workaround to #7140 bug +- Issue #8746: Add additional tests for os.chflags() and os.lchflags(). + Patch by Garrett Cooper. -- Issue #3864: Skip three test_signal tests on freebsd6 because they fail - if any thread was previously started, most likely due to a platform bug. +- Issue #10736: Fix test_ttk test_widgets failures with Cocoa Tk 8.5.9 + on Mac OS X. (Patch by Ronald Oussoren) -- Issue #8193: Fix test_zlib failure with zlib 1.2.4. +- Issue #12057: Add tests for ISO 2022 codecs (iso2022_jp, iso2022_jp_2, + iso2022_kr). Documentation -------------