Re: [Python-Dev] Any tips to tell sprinter at PyCon about developing on Windows?

2008-02-05 Thread Trent Nelson
Feb 2, 2008 7:34 PM, Christian Heimes <[EMAIL PROTECTED]> wrote: > > Brett Cannon wrote: > > It would be really cool if you can recruit some experienced Windows > > developers. :] > That's the point in all of this. =) > -Brett I'll be around for the sprints -- didn't really have a plan as to what

[Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Kristján Valur Jónsson
Hello there. in function_call() in funcobject.c, we have this comment: /* XXX This is broken if the caller deletes dict items! */ Now, I wonder what specifically is meant here? are we really talking about the 'callee' here? In PyEval_EvalCodeEx() it looks as though all keywords are always INC

Re: [Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Guido van Rossum
I think we really *are* talking about the caller -- the caller owns the dict, if it managed to delete something from the dict before the callee can incref it, you'd have trouble. I don't immediately see how this could happen, which is probably why I left it as an XXX comment... --Guido On Feb 5,

Re: [Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Amaury Forgeot d'Arc
Guido van Rossum wrote: > I think we really *are* talking about the caller -- the caller owns > the dict, if it managed to delete something from the dict before the > callee can incref it, you'd have trouble. I don't immediately see how > this could happen, which is probably why I left it as an XXX

Re: [Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Guido van Rossum
On Feb 5, 2008 2:07 PM, Amaury Forgeot d'Arc <[EMAIL PROTECTED]> wrote: > Guido van Rossum wrote: > > I think we really *are* talking about the caller -- the caller owns > > the dict, if it managed to delete something from the dict before the > > callee can incref it, you'd have trouble. I don't im

Re: [Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Amaury Forgeot d'Arc
Guido van Rossum wrote: > Thanks Amaury! Do you think it would be sufficient to change the > PyString_Check() call in PyEval_EvalCodeEx into a > PyString_CheckExact() call? This would prevent this "attack", but would remain fragile - future developments could allow execution of python code somewhe

Re: [Python-Dev] XXX - in funcobject.c

2008-02-05 Thread Guido van Rossum
On Feb 5, 2008 4:02 PM, Amaury Forgeot d'Arc <[EMAIL PROTECTED]> wrote: > Guido van Rossum wrote: > > Thanks Amaury! Do you think it would be sufficient to change the > > PyString_Check() call in PyEval_EvalCodeEx into a > > PyString_CheckExact() call? > > This would prevent this "attack", but woul