Mike Klaas added the comment:
I wouldn't advocate that it go in to 2.3/2.4. The only security issue is
a possible DoS, but I think that is unlikely. There is already an "attack
vector" for python code using (timeout-less) httplib by simply returning
the response very sl
New submission from Mike Klaas:
There are a small number of sites that do not send the trailing \r\n when
using chunked transfer encoding (say 1 in 500,000). This unfortunately,
causes httplib to go into an infinite loop.
Fixed by checking for EOF (3 line patch)
--
components
Mike Klaas added the comment:
Updated patch, now with documentation and test. Patch is against
2.6trunk, but probably will apply against 3.0 as well
--
components: +Library (Lib) -Interpreter Core
versions: +Python 2.6 -Python 2.5
Added file: http://bugs.python.org/file9070
Mike Klaas added the comment:
PEPs should be proposed on python-list and python-dev. This is a four-
year-old idea that seems quite profound in the changes proposed.
Recommend closing.
--
nosy: +klaas
Tracker <[EMAIL PROTECTED]>
Mike Klaas added the comment:
Patch applies to 2.5 cleanly, test_xmlrpc passes.
--
nosy: +klaas
_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/iss
Mike Klaas added the comment:
Verified on 2.5.0. The problem stems from contextmanager.__exit__:
def __exit__(self, type, value, traceback):
if type is None:
try:
self.gen.next()
except StopIteration:
return
else
Mike Klaas added the comment:
Is the footprint of UUID an issue?
Note that changing the pickle format of UUID will require code that can
unpickle both versions, for compatibility. I don't really see the need.
Also, no real patch provided.
--
nosy: +
Mike Klaas added the comment:
Is this meant to be inserted into uuid.py? It seems more like a snippet
from unrelated code: code coventions do not follow PEP 8; there are no
tests; code does not run as-is (references non-existent variable '_os'--
why no 'import os'?); e
Mike Klaas added the comment:
Finally, I did not include any platform-specific optimizations, as I don't
have AIX or solaris boxes on which to test them (and they can easily be
added later). An order-mag speedup on all *nix platforms is a good
Mike Klaas added the comment:
I see that some spaces crept in to the patch. I can fix that (and perhaps
rename the function to start with an underscore) if desired.
_
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/iss
Mike Klaas added the comment:
This problem has also afflicted us.
Attached is a patch which adds closerange(fd_low, fd_high) to the posix
(and consequently os) module, and modifies subprocess to use it. Patch
is against trunk but should work for 2.5maint.
I don't really think that th
11 matches
Mail list logo
