The _private_networks variables, used by various is_private
implementations, were missing some ranges and at the same time had
overly strict ranges (where there are more specific ranges considered
globally reachable by the IANA registries).
This patch updates the ranges with what was missing or otherwise
incorrect.
100.64.0.0/10 is left alone, for now, as it's been made special in [1].
The _address_exclude_many() call returns 8 networks for IPv4, 121
networks for IPv6.
[1] https://github.com/python/cpython/issues/61602
In 3.10 and below, is_private checks whether the network and broadcast
address are both private.
In later versions (where the test wss backported from), it checks
whether they both are in the same private network.
For 0.0.0.0/0, both 0.0.0.0 and 255.225.255.255 are private,
but one is in 0.0.0.0/8 ("This network") and the other in
255.255.255.255/32 ("Limited broadcast").
---------
Co-authored-by: Jakub Stasiak <jakub@stasiak.at>
Use of a proxy is intended to defer DNS for the hosts to the proxy itself, rather than a potential for information leak of the host doing DNS resolution itself for any reason. Proxy bypass lists are strictly name based. Most implementations of proxy support agree.
(cherry picked from commit c43b26d02e)
Co-authored-by: Weii Wang <weii.wang@canonical.com>
Feeding the parser by too small chunks defers parsing to prevent
CVE-2023-52425. Future versions of Expat may be more reactive.
(cherry picked from commit 4a08e7b343)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Raise BadZipFile when try to read an entry that overlaps with other entry or
central directory.
(cherry picked from commit 66363b9a7b)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* Fix a crash when pass UINT_MAX.
* Fix an integer overflow on 64-bit non-Windows platforms.
(cherry picked from commit 0daf555c6f)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
gh-97005: Update libexpat from 2.4.7 to 2.4.9 (gh-97006)
Co-authored-by: Gregory P. Smith [Google] <greg@krypto.org>
(cherry picked from commit 10e3d398c3)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
Co-authored-by: Ned Deily <nad@python.org>
When binding a unix socket to an empty address on Linux, the socket is
automatically bound to an available address in the abstract namespace.
>>> s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
>>> s.bind("")
>>> s.getsockname()
b'\x0075499'
Since python 3.9, the socket is bound to the one address:
>>> s.getsockname()
b'\x00'
And trying to bind multiple sockets will fail with:
Traceback (most recent call last):
File "/home/nsoffer/src/cpython/Lib/test/test_socket.py", line 5553, in testAutobind
s2.bind("")
OSError: [Errno 98] Address already in use
Added 2 tests:
- Auto binding empty address on Linux
- Failing to bind an empty address on other platforms
Fixes f6b3a07b7d (bpo-44493: Add missing terminated NUL in sockaddr_un's length (GH-26866)
(cherry picked from commit c22f134211)
Co-authored-by: Nir Soffer <nsoffer@redhat.com>
Suppress writing an XML declaration in open files in ElementTree.write()
with encoding='unicode' and xml_declaration=None.
If file patch is passed to ElementTree.write() with encoding='unicode',
always open a new file in UTF-8.
(cherry picked from commit d7db9dc3cc)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The `utc_to_seconds` call can fail, here's a minimal reproducer on
Linux:
TZ=UTC python -c "from datetime import *; datetime.fromtimestamp(253402300799 + 1)"
The old behavior still raised an error in a similar way, but only
because subsequent calculations happened to fail as well. Better to fail
fast.
This also refactors the tests to split out the `fromtimestamp` and
`utcfromtimestamp` tests, and to get us closer to the actual desired
limits of the functions. As part of this, we also changed the way we
detect platforms where the same limits don't necessarily apply (e.g.
Windows).
As part of refactoring the tests to hit this condition explicitly (even
though the user-facing behvior doesn't change in any way we plan to
guarantee), I noticed that there was a difference in the places that
`datetime.utcfromtimestamp` fails in the C and pure Python versions, which
was fixed by skipping the "probe for fold" logic for UTC specifically —
since UTC doesn't have any folds or gaps, we were never going to find a
fold value anyway. This should prevent some failures in the pure python
`utcfromtimestamp` method on timestamps close to 0001-01-01.
There are two separate news entries for this because one is a
potentially user-facing change, the other is an internal code
correctness change that, if anything, changes some error messages. The
two happen to be coupled because of the test refactoring, but they are
probably best thought of as independent changes.
Fixes GH-91581
(cherry picked from commit 83c0247d47)
Co-authored-by: Paul Ganssle <1377457+pganssle@users.noreply.github.com>
If Condition.notify() was interrupted just after it released the waiter lock,
but before removing it from the queue, the following calls of notify() failed
with RuntimeError: cannot release un-acquired lock.
(cherry picked from commit 70af994fee)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
ElementTree method write() and function tostring() now use the text file's
encoding ("UTF-8" if not available) instead of locale encoding in XML
declaration when encoding="unicode" is specified.
(cherry picked from commit 707839b0fe)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Automerge-Triggered-By: GH:serhiy-storchaka
Do not spawn ProcessPool workers on demand when they spawn via fork.
This avoids potential deadlocks in the child processes due to forking from
a multithreaded process..
(cherry picked from commit ebb37fc3fd)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
(cherry picked from commit b795376a62)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
`IPv*Network` and `IPv*Interface` constructors accept a 2-tuple of
(address description, netmask) as the address parameter.
When the tuple-based address is used errors are not propagated
correctly through the `ipaddress.ip_*` helper because of the %-formatting now expecting several arguments:
In [7]: ipaddress.ip_network(("192.168.100.0", "fooo"))
...
TypeError: not all arguments converted during string formatting
Compared to:
In [8]: ipaddress.IPv4Network(("192.168.100.0", "foo"))
...
NetmaskValueError: 'foo' is not a valid netmask
Use an f-string to make sure the error is always properly formatted.
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
(cherry picked from commit 52dc9c3066)
Co-authored-by: Thomas Cellerier <thomascellerier@gmail.com>
Do not store `ProcessPoolExecutor` work item exception traceback that prevents
exception frame locals from being garbage collected.
(cherry picked from commit 9c204b148f)
Co-authored-by: themylogin <themylogin@gmail.com>
Previously, pickling did not fail, but the result could not be unpickled.
(cherry picked from commit 6d0d547033)
(cherry picked from commit e8ff3c92f6)
It was raised if the charset itself contains characters not encodable
in UTF-8 (in particular \udcxx characters representing non-decodable
bytes in the source).
(cherry picked from commit e91dee87ed)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
GH- Adding 'required' to names in Lib.argparse.Action
gh-91832:
Added 'required' to the list `names` in `Lib.argparse.Action`.
Changed constant strings that test the Action object.
Automerge-Triggered-By: GH:merwok
(cherry picked from commit 4ed3900041)
Co-authored-by: Abhigyan Bose <abhigyandeepbose@gmail.com>
In expression (?(group)...) an appropriate re.error is now
raised if the group number refers to not defined group.
Previously it raised RuntimeError: invalid SRE code.
(cherry picked from commit 48ec61a89a)
(cherry picked from commit 080781cd49)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
re.error is now raised instead of TypeError.
(cherry picked from commit 6ccfa31421)
(cherry picked from commit 9c18d783c3)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
For things like test_asyncio.test_thread this was causing frequent
"environment modified by test" errors as the executor threads had not
always stopped running after the test was over.
(cherry picked from commit 61570ae0bc)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* fix the comparison of character and integer by using ord()
* 📜🤖 Added by blurb_it.
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
(cherry picked from commit 9300b6d729)
Co-authored-by: Yu Liu <yuki.liu@utexas.edu>
Also removed asynchat, asyncore, and smtpd from their respective toctree entries so they are only in the superceded subtree.
(cherry picked from commit 9ac2de922a)
Co-authored-by: Brett Cannon <brett@python.org>
Automerge-Triggered-By: GH:brettcannon
Document the deprecation of asyncore, asynchat, and smtpd with a slated removal in Python 3.12 thanks to PEP 594..
(cherry picked from commit 7747384643)
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
