where ``<builder>`` is one of html, text, latex, or htmlhelp (for explanations
see the make targets above).
+Deprecation header
+==================
+
+Following the sunsetting of Python 2.7, a red banner displays at the
+top of each page redirecting to the corresponding page on
+``https://docs.python.org/3/``.
+
Contributing
============
/* propagate error */
}
- while (item = PyIter_Next(iterator)) {
+ while ((item = PyIter_Next(iterator))) {
/* do something with item */
...
/* release reference when done */
.. c:function:: int PyList_SetItem(PyObject *list, Py_ssize_t index, PyObject *item)
- Set the item at index *index* in list to *item*. Return ``0`` on success
- or ``-1`` on failure.
+ Set the item at index *index* in list to *item*. Return ``0`` on success.
+ If *index* is out of bounds, return ``-1`` and set an :exc:`IndexError`
+ exception.
.. note::
Return a list of the objects in *list* containing the objects *between* *low*
and *high*. Return *NULL* and set an exception if unsuccessful. Analogous
- to ``list[low:high]``. Negative indices, as when slicing from Python, are not
- supported.
+ to ``list[low:high]``. Indexing from the end of the list is not supported.
.. versionchanged:: 2.5
This function used an :c:type:`int` for *low* and *high*. This might
Set the slice of *list* between *low* and *high* to the contents of
*itemlist*. Analogous to ``list[low:high] = itemlist``. The *itemlist* may
be *NULL*, indicating the assignment of an empty list (slice deletion).
- Return ``0`` on success, ``-1`` on failure. Negative indices, as when
- slicing from Python, are not supported.
+ Return ``0`` on success, ``-1`` on failure. Indexing from the end of the
+ list is not supported.
.. versionchanged:: 2.5
This function used an :c:type:`int` for *low* and *high*. This might
.. c:function:: PyObject* PyTuple_GetItem(PyObject *p, Py_ssize_t pos)
Return the object at position *pos* in the tuple pointed to by *p*. If *pos* is
- out of bounds, return *NULL* and sets an :exc:`IndexError` exception.
+ out of bounds, return *NULL* and set an :exc:`IndexError` exception.
.. versionchanged:: 2.5
This function used an :c:type:`int` type for *pos*. This might require
.. c:function:: PyObject* PyTuple_GetSlice(PyObject *p, Py_ssize_t low, Py_ssize_t high)
- Take a slice of the tuple pointed to by *p* from *low* to *high* and return it
- as a new tuple.
+ Return the slice of the tuple pointed to by *p* between *low* and *high*,
+ or *NULL* on failure. This is the equivalent of the Python expression
+ ``p[low:high]``. Indexing from the end of the list is not supported.
.. versionchanged:: 2.5
This function used an :c:type:`int` type for *low* and *high*. This might
.. c:function:: int PyTuple_SetItem(PyObject *p, Py_ssize_t pos, PyObject *o)
Insert a reference to object *o* at position *pos* of the tuple pointed to by
- *p*. Return ``0`` on success.
+ *p*. Return ``0`` on success. If *pos* is out of bounds, return ``-1``
+ and set an :exc:`IndexError` exception.
.. note::
- This function "steals" a reference to *o*.
+ This function "steals" a reference to *o* and discards a reference to
+ an item already in the tuple at the affected position.
.. versionchanged:: 2.5
This function used an :c:type:`int` type for *pos*. This might require
.. note::
- This function "steals" a reference to *o*.
+ This macro "steals" a reference to *o*, and, unlike
+ :c:func:`PyTuple_SetItem`, does *not* discard a reference to any item that
+ is being replaced; any reference in the tuple at position *pos* will be
+ leaked.
.. versionchanged:: 2.5
This function used an :c:type:`int` type for *pos*. This might require
# Split the index
html_split_index = True
+html_context = {
+ 'outdated': True
+}
+
# Options for LaTeX output
# ------------------------
Python and this documentation is:
-Copyright © 2001-2019 Python Software Foundation. All rights reserved.
+Copyright © 2001-2020 Python Software Foundation. All rights reserved.
Copyright © 2000 BeOpen.com. All rights reserved.
There is no return value.
+ .. method:: locked()
+ Return true if the lock is acquired.
+
+
.. _rlock-objects:
In May 2000, Guido and the Python core development team moved to BeOpen.com to
form the BeOpen PythonLabs team. In October of the same year, the PythonLabs
team moved to Digital Creations (now Zope Corporation; see
-http://www.zope.com/). In 2001, the Python Software Foundation (PSF, see
+https://www.zope.org/). In 2001, the Python Software Foundation (PSF, see
https://www.python.org/psf/) was formed, a non-profit organization created
specifically to own Python-related Intellectual Property. Zope Corporation is a
sponsoring member of the PSF.
analyze, test, perform and/or display publicly, prepare derivative works,
distribute, and otherwise use Python |release| alone or in any derivative
version, provided, however, that PSF's License Agreement and PSF's notice of
- copyright, i.e., "Copyright © 2001-2019 Python Software Foundation; All Rights
+ copyright, i.e., "Copyright © 2001-2020 Python Software Foundation; All Rights
Reserved" are retained in Python |release| alone or in any derivative version
prepared by Licensee.
c-api/arg,,:ref,"PyArg_ParseTuple(args, ""O|O:ref"", &object, &callback)"
c-api/list,,:high,list[low:high]
c-api/sequence,,:i2,o[i1:i2]
+c-api/tuple,,:high,p[low:high]
c-api/unicode,,:end,str[start:end]
distutils/setupscript,,::,
extending/embedding,,:numargs,"if(!PyArg_ParseTuple(args, "":numargs""))"
<li><a href="https://docs.python.org/3.7/">{% trans %}Python 3.7 (stable){% endtrans %}</a></li>
<li><a href="https://docs.python.org/3.6/">{% trans %}Python 3.6 (security-fixes){% endtrans %}</a></li>
<li><a href="https://docs.python.org/3.5/">{% trans %}Python 3.5 (security-fixes){% endtrans %}</a></li>
- <li><a href="https://docs.python.org/2.7/">{% trans %}Python 2.7 (stable){% endtrans %}</a></li>
+ <li><a href="https://docs.python.org/2.7/">{% trans %}Python 2.7 (EOL){% endtrans %}</a></li>
<li><a href="https://www.python.org/doc/versions/">{% trans %}All versions{% endtrans %}</a></li>
</ul>
{% extends "!layout.html" %}
+{% block header %}
+{%- if outdated %}
+<div id="outdated-warning" style="padding: .5em; text-align: center; background-color: #FFBABA; color: #6A0E0E;">
+ {% trans %}This document is for an old version of Python that is {% endtrans %}<a href="https://devguide.python.org/devcycle/#end-of-life-branches">{% trans %}no longer supported{% endtrans %}</a>.
+ {% trans %}You should upgrade and read the {% endtrans %}
+ <a href="https://docs.python.org/{{ language + '/' if language and language != 'en' else '' }}3/{{ pagename }}{{ file_suffix }}">{% trans %} Python documentation for the current stable release{% endtrans %}</a>.
+</div>
+{%- endif %}
+{% endblock %}
+
{% block rootrellink %}
<li><img src="{{ pathto('_static/py.png', 1) }}" alt=""
style="vertical-align: middle; margin-top: -1px"/></li>
/*--start constants--*/
#define PY_MAJOR_VERSION 2
#define PY_MINOR_VERSION 7
-#define PY_MICRO_VERSION 17
+#define PY_MICRO_VERSION 18
#define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL
#define PY_RELEASE_SERIAL 0
/* Version as a string */
-#define PY_VERSION "2.7.17"
+#define PY_VERSION "2.7.18"
/*--end constants--*/
/* Subversion Revision number of this file (not of the repository). Empty
distribute, and otherwise use Python alone or in any derivative version,
provided, however, that PSF's License Agreement and PSF's notice of copyright,
i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
-2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Python Software Foundation;
+2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Python Software Foundation;
All Rights Reserved" are retained in Python alone or in any derivative version
prepared by Licensee.
(?::(\d\d))? # optional seconds
)? # optional clock
\s*
- ([-+]?\d{2,4}|(?![APap][Mm]\b)[A-Za-z]+)? # timezone
+ (?:
+ ([-+]?\d{2,4}|(?![APap][Mm]\b)[A-Za-z]+) # timezone
+ \s*
+ )?
+ (?:
+ \(\w+\) # ASCII representation of timezone in parens.
\s*
- (?:\(\w+\))? # ASCII representation of timezone in parens.
- \s*$""", re.X)
+ )?$""", re.X)
def http2time(text):
"""Returns time in seconds since epoch of time represented by a string.
return _str2time(day, mon, yr, hr, min, sec, tz)
ISO_DATE_RE = re.compile(
- """^
+ r"""^
(\d{4}) # year
[-\/]?
(\d\d?) # numerical month
(?::?(\d\d(?:\.\d*)?))? # optional seconds (and fractional)
)? # optional clock
\s*
- ([-+]?\d\d?:?(:?\d\d)?
- |Z|z)? # timezone (Z is "zero meridian", i.e. GMT)
- \s*$""", re.X)
+ (?:
+ ([-+]?\d\d?:?(:?\d\d)?
+ |Z|z) # timezone (Z is "zero meridian", i.e. GMT)
+ \s*
+ )?$""", re.X)
def iso2time(text):
"""
As for http2time, but parses the ISO 8601 formats:
read = infile.read
write = outfile.write
+ # Remove newline chars from filename
+ filename = filename.replace('\n','\\n')
+ filename = filename.replace('\r','\\r')
+
# Encode
write('begin %o %s\n' % (mode & 0777, filename))
chunk = read(45)
(self.host, self.port) = self._get_hostport(host, port)
+ self._validate_host(self.host)
+
# This is stored as an instance variable to allow unittests
# to replace with a suitable mock
self._create_connection = socket.create_connection
).format(matched=match.group(), url=url)
raise InvalidURL(msg)
+ def _validate_host(self, host):
+ """Validate a host so it doesn't contain control characters."""
+ # Prevent CVE-2019-18348.
+ match = _contains_disallowed_url_pchar_re.search(host)
+ if match:
+ msg = (
+ "URL can't contain control characters. {host!r} "
+ "(found at least {matched!r})"
+ ).format(matched=match.group(), host=host)
+ raise InvalidURL(msg)
+
def putheader(self, header, *values):
"""Send a request header line to the server.
"{r for l in x if g}",
# setcomp with naked tuple
"{r for l,m in x}",
+ # Decorated FunctionDef
+ "@deco1\n@deco2()\n@deco3(1)\ndef f(): pass",
+ # Decorated ClassDef
+ "@deco1\n@deco2()\n@deco3(1)\nclass C: pass",
+ # Decorator with generator argument
+ "@deco(a for a in b)\ndef f(): pass",
]
# These are compiled through "single"
('Module', [('Expr', (1, 0), ('DictComp', (1, 1), ('Name', (1, 1), 'a', ('Load',)), ('Name', (1, 5), 'b', ('Load',)), [('comprehension', ('Tuple', (1, 11), [('Name', (1, 11), 'v', ('Store',)), ('Name', (1, 13), 'w', ('Store',))], ('Store',)), ('Name', (1, 18), 'x', ('Load',)), [])]))]),
('Module', [('Expr', (1, 0), ('SetComp', (1, 1), ('Name', (1, 1), 'r', ('Load',)), [('comprehension', ('Name', (1, 7), 'l', ('Store',)), ('Name', (1, 12), 'x', ('Load',)), [('Name', (1, 17), 'g', ('Load',))])]))]),
('Module', [('Expr', (1, 0), ('SetComp', (1, 1), ('Name', (1, 1), 'r', ('Load',)), [('comprehension', ('Tuple', (1, 7), [('Name', (1, 7), 'l', ('Store',)), ('Name', (1, 9), 'm', ('Store',))], ('Store',)), ('Name', (1, 14), 'x', ('Load',)), [])]))]),
+('Module', [('FunctionDef', (1, 0), 'f', ('arguments', [], None, None, []), [('Pass', (4, 9))], [('Name', (1, 1), 'deco1', ('Load',)), ('Call', (2, 1), ('Name', (2, 1), 'deco2', ('Load',)), [], [], None, None), ('Call', (3, 1), ('Name', (3, 1), 'deco3', ('Load',)), [('Num', (3, 7), 1)], [], None, None)])]),
+('Module', [('ClassDef', (1, 0), 'C', [], [('Pass', (4, 9))], [('Name', (1, 1), 'deco1', ('Load',)), ('Call', (2, 1), ('Name', (2, 1), 'deco2', ('Load',)), [], [], None, None), ('Call', (3, 1), ('Name', (3, 1), 'deco3', ('Load',)), [('Num', (3, 7), 1)], [], None, None)])]),
+('Module', [('FunctionDef', (1, 0), 'f', ('arguments', [], None, None, []), [('Pass', (2, 9))], [('Call', (1, 1), ('Name', (1, 1), 'deco', ('Load',)), [('GeneratorExp', (1, 6), ('Name', (1, 6), 'a', ('Load',)), [('comprehension', ('Name', (1, 12), 'a', ('Store',)), ('Name', (1, 17), 'b', ('Load',)), [])])], [], None, None)])]),
]
single_results = [
('Interactive', [('Expr', (1, 0), ('BinOp', (1, 0), ('Num', (1, 0), 1), ('Add',), ('Num', (1, 2), 2)))]),
import re
import time
-from cookielib import http2time, time2isoz, time2netscape
+from cookielib import http2time, time2isoz, iso2time, time2netscape
from unittest import TestCase
from test import test_support
"http2time(test) %s" % (test, http2time(test))
)
+ def test_http2time_redos_regression_actually_completes(self):
+ # LOOSE_HTTP_DATE_RE was vulnerable to malicious input which caused catastrophic backtracking (REDoS).
+ # If we regress to cubic complexity, this test will take a very long time to succeed.
+ # If fixed, it should complete within a fraction of a second.
+ http2time("01 Jan 1970{}00:00:00 GMT!".format(" " * 10 ** 5))
+ http2time("01 Jan 1970 00:00:00{}GMT!".format(" " * 10 ** 5))
+
+ def test_iso2time_performance_regression(self):
+ # If ISO_DATE_RE regresses to quadratic complexity, this test will take a very long time to succeed.
+ # If fixed, it should complete within a fraction of a second.
+ iso2time('1994-02-03{}14:15:29 -0100!'.format(' '*10**6))
+ iso2time('1994-02-03 14:15:29{}-0100!'.format(' '*10**6))
+
class HeaderTests(TestCase):
with self.assertRaisesRegexp(socket.error, "Invalid response"):
conn._tunnel()
- def test_putrequest_override_validation(self):
+ def test_putrequest_override_domain_validation(self):
"""
It should be possible to override the default validation
behavior in putrequest (bpo-38216).
conn.sock = FakeSocket('')
conn.putrequest('GET', '/\x00')
+ def test_putrequest_override_host_validation(self):
+ class UnsafeHTTPConnection(httplib.HTTPConnection):
+ def _validate_host(self, url):
+ pass
+
+ conn = UnsafeHTTPConnection('example.com\r\n')
+ conn.sock = FakeSocket('')
+ # set skip_host so a ValueError is not raised upon adding the
+ # invalid URL as the value of the "Host:" header
+ conn.putrequest('GET', '/', skip_host=1)
+
class OfflineTest(TestCase):
def test_responses(self):
)
if quirky_platform:
expected_errno = errno.ERANGE
- self.assertEqual(e.errno, expected_errno)
+ if 'darwin' in sys.platform:
+ # macOS 10.15 may return errno.ENOENT instead
+ self.assertIn(e.errno, (errno.ENOENT, errno.ENAMETOOLONG))
+ else:
+ self.assertEqual(e.errno, expected_errno)
finally:
os.chdir('..')
os.rmdir(dirname)
class PyCompileTests(unittest.TestCase):
def setUp(self):
- self.directory = tempfile.mkdtemp()
+ self.directory = tempfile.mkdtemp(dir=os.getcwd())
self.source_path = os.path.join(self.directory, '_test.py')
self.pyc_path = self.source_path + 'c'
self.cwd_drive = os.path.splitdrive(os.getcwd())[0]
)
@unittest.skipUnless(ssl, "ssl module required")
- def test_url_with_control_char_rejected(self):
+ def test_url_path_with_control_char_rejected(self):
for char_no in range(0, 0x21) + range(0x7f, 0x100):
char = chr(char_no)
schemeless_url = "//localhost:7777/test%s/" % char
self.unfakehttp()
@unittest.skipUnless(ssl, "ssl module required")
- def test_url_with_newline_header_injection_rejected(self):
+ def test_url_path_with_newline_header_injection_rejected(self):
self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123"
schemeless_url = "//" + host + ":8080/test/?test=a"
# calls urllib.parse.quote() on the URL which makes all of the
# above attempts at injection within the url _path_ safe.
InvalidURL = httplib.InvalidURL
- with self.assertRaisesRegexp(
- InvalidURL, r"contain control.*\\r.*(found at least . .)"):
- urllib2.urlopen("http:" + schemeless_url)
- with self.assertRaisesRegexp(InvalidURL, r"contain control.*\\n"):
- urllib2.urlopen("https:" + schemeless_url)
+ with self.assertRaisesRegexp(InvalidURL,
+ r"contain control.*\\r.*(found at least . .)"):
+ urllib2.urlopen("http:{}".format(schemeless_url))
+ with self.assertRaisesRegexp(InvalidURL,
+ r"contain control.*\\n"):
+ urllib2.urlopen("https:{}".format(schemeless_url))
finally:
self.unfakehttp()
+ @unittest.skipUnless(ssl, "ssl module required")
+ def test_url_host_with_control_char_rejected(self):
+ for char_no in list(range(0, 0x21)) + [0x7f]:
+ char = chr(char_no)
+ schemeless_url = "//localhost{}/test/".format(char)
+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
+ try:
+ escaped_char_repr = repr(char).replace('\\', r'\\')
+ InvalidURL = httplib.InvalidURL
+ with self.assertRaisesRegexp(InvalidURL,
+ "contain control.*{}".format(escaped_char_repr)):
+ urllib2.urlopen("http:{}".format(schemeless_url))
+ with self.assertRaisesRegexp(InvalidURL,
+ "contain control.*{}".format(escaped_char_repr)):
+ urllib2.urlopen("https:{}".format(schemeless_url))
+ finally:
+ self.unfakehttp()
class RequestTests(unittest.TestCase):
import unittest
from test import test_support
+from test.test_urllib2net import skip_ftp_test_on_travis
import socket
import urllib
self.assertIn("Python", response.read())
+class urlopen_FTPTest(unittest.TestCase):
+ FTP_TEST_FILE = 'ftp://www.pythontest.net/README'
+ NUM_FTP_RETRIEVES = 3
+
+ @skip_ftp_test_on_travis
+ def test_multiple_ftp_retrieves(self):
+
+ with test_support.transient_internet(self.FTP_TEST_FILE):
+ try:
+ for file_num in range(self.NUM_FTP_RETRIEVES):
+ with test_support.temp_dir() as td:
+ urllib.FancyURLopener().retrieve(self.FTP_TEST_FILE,
+ os.path.join(td, str(file_num)))
+ except IOError as e:
+ self.fail("Failed FTP retrieve while accessing ftp url "
+ "multiple times.\n Error message was : %s" % e)
+
+ @skip_ftp_test_on_travis
+ def test_multiple_ftp_urlopen_same_host(self):
+ with test_support.transient_internet(self.FTP_TEST_FILE):
+ ftp_fds_to_close = []
+ try:
+ for _ in range(self.NUM_FTP_RETRIEVES):
+ fd = urllib.urlopen(self.FTP_TEST_FILE)
+ # test ftp open without closing fd as a supported scenario.
+ ftp_fds_to_close.append(fd)
+ except IOError as e:
+ self.fail("Failed FTP binary file open. "
+ "Error message was: %s" % e)
+ finally:
+ # close the open fds
+ for fd in ftp_fds_to_close:
+ fd.close()
+
+
def test_main():
test_support.requires('network')
with test_support.check_py3k_warnings(
test_support.run_unittest(URLTimeoutTest,
urlopenNetworkTests,
urlretrieveNetworkTests,
- urlopen_HttpsTests)
+ urlopen_HttpsTests,
+ urlopen_FTPTest)
if __name__ == "__main__":
test_main()
import cStringIO
import sys
import uu
+import io
plaintext = "The smooth-scaled python crept over the sleeping dog\n"
decoded = codecs.decode(encodedtext, "uu_codec")
self.assertEqual(decoded, plaintext)
+ def test_newlines_escaped(self):
+ # Test newlines are escaped with uu.encode
+ inp = io.BytesIO(plaintext)
+ out = io.BytesIO()
+ filename = "test.txt\n\roverflow.txt"
+ safefilename = b"test.txt\\n\\roverflow.txt"
+ uu.encode(inp, out, filename)
+ self.assertIn(safefilename, out.getvalue())
+
class UUStdIOTest(unittest.TestCase):
def setUp(self):
return (ftpobj, retrlen)
def endtransfer(self):
+ if not self.busy:
+ return
self.busy = 0
+ try:
+ self.ftp.voidresp()
+ except ftperrors():
+ pass
def close(self):
self.keepalive = False
name = '-'
if mode is None:
mode = 0666
+
+ #
+ # Remove newline chars from name
+ #
+ name = name.replace('\n','\\n')
+ name = name.replace('\r','\\r')
+
#
# Write the data
#
For 10.6 or greater deployment targets, build-installer builds and links
with its own copy of Tcl/Tk 8.6 and the rest of this paragraph does not
apply. Otherwise, build-installer requires an installed third-party version
-of Tcl/Tk 8.4 (for OS X 10.4 and 10.5 deployment targets) or Tcl/TK 8.5
-(for 10.6 or later) installed in /Library/Frameworks. When installed,
-the Python built by this script will attempt to dynamically link first to
-Tcl and Tk frameworks in /Library/Frameworks if available otherwise fall
-back to the ones in /System/Library/Framework. For the build, we recommend
+of Tcl/Tk 8.4 (for OS X 10.4 and 10.5 deployment targets) installed in
+/Library/Frameworks. For 10.4 or 10.5, the Python built by this script
+when installed will attempt to dynamically link first to Tcl and Tk frameworks
+in /Library/Frameworks if available otherwise fall back to the ones in
+/System/Library/Framework. For 10.4 or 10.5, we recommend
installing the most recent ActiveTcl 8.5 or 8.4 version, depending
on the deployment target. The actual version linked to depends on the
path of /Library/Frameworks/{Tcl,Tk}.framework/Versions/Current.
result.extend([
dict(
- name="OpenSSL 1.0.2t",
- url="https://www.openssl.org/source/openssl-1.0.2t.tar.gz",
- checksum='ef66581b80f06eae42f5268bc0b50c6d',
+ name="OpenSSL 1.0.2u",
+ url="https://www.openssl.org/source/old/1.0.2/openssl-1.0.2u.tar.gz",
+ checksum='cdc2638f789ecc2db2c91488265686c1',
buildrecipe=build_universal_openssl,
configure=None,
install=None,
),
),
dict(
- name="SQLite 3.28.0",
- url="https://www.sqlite.org/2019/sqlite-autoconf-3280000.tar.gz",
- checksum='3c68eb400f8354605736cd55400e1572',
+ name="SQLite 3.31.1",
+ url="https://sqlite.org/2020/sqlite-autoconf-3310100.tar.gz",
+ checksum='2d0a553534c521504e3ac3ad3b90f125',
extra_cflags=('-Os '
'-DSQLITE_ENABLE_FTS5 '
'-DSQLITE_ENABLE_FTS4 '
-{\rtf1\ansi\ansicpg1252\cocoartf1671\cocoasubrtf600
-{\fonttbl\f0\fswiss\fcharset0 Helvetica-Bold;\f1\fswiss\fcharset0 Helvetica;\f2\fmodern\fcharset0 CourierNewPS-BoldMT;
+{\rtf1\ansi\ansicpg1252\cocoartf2511
+\cocoatextscaling0\cocoaplatform0{\fonttbl\f0\fswiss\fcharset0 Helvetica-Bold;\f1\fswiss\fcharset0 Helvetica;\f2\fmodern\fcharset0 CourierNewPS-BoldMT;
\f3\fmodern\fcharset0 CourierNewPSMT;}
{\colortbl;\red255\green255\blue255;}
{\*\expandedcolortbl;;}
\
In 1995, Guido continued his work on Python at the Corporation for National Research Initiatives (CNRI, see http://www.cnri.reston.va.us) in Reston, Virginia where he released several versions of the software.\
\
-In May 2000, Guido and the Python core development team moved to BeOpen.com to form the BeOpen PythonLabs team. In October of the same year, the PythonLabs team moved to Digital Creations (now Zope Corporation, see http://www.zope.com). In 2001, the Python Software Foundation (PSF, see http://www.python.org/psf/) was formed, a non-profit organization created specifically to own Python-related Intellectual Property. Zope Corporation is a sponsoring member of the PSF.\
+In May 2000, Guido and the Python core development team moved to BeOpen.com to form the BeOpen PythonLabs team. In October of the same year, the PythonLabs team moved to Digital Creations (now Zope Corporation, see http://www.zope.org). In 2001, the Python Software Foundation (PSF, see http://www.python.org/psf/) was formed, a non-profit organization created specifically to own Python-related Intellectual Property. Zope Corporation is a sponsoring member of the PSF.\
\
All Python releases are Open Source (see http://www.opensource.org for the Open Source Definition). Historically, most, but not all, Python releases have also been GPL-compatible; the table below summarizes the various releases.\
\
\f1\b0 \
1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation.\
\
-2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee.\
+2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright \'a9 2001-2020 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee.\
\
3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python.\
\
-{\rtf1\ansi\ansicpg1252\cocoartf1671\cocoasubrtf600
-{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fswiss\fcharset0 Helvetica-Bold;\f2\fswiss\fcharset0 Helvetica-Oblique;
+{\rtf1\ansi\ansicpg1252\cocoartf2512
+\cocoatextscaling0\cocoaplatform0{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fswiss\fcharset0 Helvetica-Bold;\f2\fswiss\fcharset0 Helvetica-Oblique;
\f3\fmodern\fcharset0 CourierNewPSMT;}
{\colortbl;\red255\green255\blue255;}
{\*\expandedcolortbl;;}
\f0\fs24 \cf0 This package will install Python $FULL_VERSION for macOS $MACOSX_DEPLOYMENT_TARGET for the following architecture(s): $ARCHITECTURES.\
\
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\partightenfactor0
-\cf0 NOTE:
-\f1\b \ul Python 2 reaches end-of-life in 2020 and will no longer be supported or updated thereafter\ulnone .
+
+\f1\b \cf0 NOTE: \ul Python 2.7,x has now reached end-of-life. This release, Python 2.7.18, is the FINAL RELEASE of Python 2.7.x. It will no longer be supported or updated\ulnone .
\f0\b0 You should
\f1\b upgrade to Python 3
\f0\b0 as soon as you can. {\field{\*\fldinst{HYPERLINK "https://www.python.org/doc/sunset-python-2/"}}{\fldrslt Read more here}}.\
\f0\b0 \ulnone \
\
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\partightenfactor0
-\cf0 In almost all cases, you should use the
+\cf0 Use the
\f1\b macOS 64-bit installer for OS X 10.9 and later
-\f0\b0 .\
-\
-The legacy
+\f0\b0 . As of 2.7.18, the deprecated
\f1\b macOS 64-bit/32-bit installer for Mac OS X 10.6 and later
-\f0\b0 variant is now deprecated. macOS 10.6 Snow Leopard was released in 2009 and has not been supported by Apple for many years including lack of security updates. It is becoming increasingly difficult to ensure new Python features and bug fixes are compatible with such old systems. Note that, due to recent Apple installer packaging changes, the 10.6+ installer pkg we provide can no longer be opened by the Apple system installer application on 10.6; 10.7 and 10.8 are not affected. We believe that there is now very little usage of this installer variant and so we would like to focus our resources on supporting newer systems. We do not plan to intentionally break Python support on 10.6 through 10.8 and we will consider bug fixes for problems found when building from source on those systems through the support window of Python 2.7.
-\f1\b macOS 10.15 Catalina
-\f0\b0 removes support for running 32-bit architecture programs; we do not recommend trying to use the 10.6+ variant on it and it may not install on 10.15 systems without intervention. \
+\f0\b0 variant is no longer provided. \
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\pardirnatural\partightenfactor0
-\f1\b \cf0 \ul \
+\f1\b \cf0 \ul \ulc0 \
Using IDLE or other Tk applications
\f0\b0 \ulnone \
\
-{\rtf1\ansi\ansicpg1252\cocoartf1671\cocoasubrtf600
-\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fswiss\fcharset0 Helvetica-Bold;\f2\fmodern\fcharset0 CourierNewPSMT;
+{\rtf1\ansi\ansicpg1252\cocoartf2512
+\cocoascreenfonts1\cocoatextscaling0\cocoaplatform0{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fswiss\fcharset0 Helvetica-Bold;\f2\fmodern\fcharset0 CourierNewPSMT;
}
{\colortbl;\red255\green255\blue255;}
{\*\expandedcolortbl;;}
\f0 to install a set of current SSL root certificates.\
\
-\f1\b NOTE: \ul Python 2 reaches end-of-life in 2020 and will no longer be supported or updated thereafter\ulnone .
+\f1\b NOTE: \ul Python 2.7,x has now reached end-of-life. This release, Python 2.7.18, is the FINAL RELEASE of Python 2.7.x. It will no longer be supported or updated\ulnone .
\f0\b0 You should
\f1\b upgrade to Python 3
\f0\b0 as soon as you can. {\field{\*\fldinst{HYPERLINK "https://www.python.org/doc/sunset-python-2/"}}{\fldrslt Read more here}}.\
<key>CFBundleExecutable</key>
<string>PythonLauncher</string>
<key>CFBundleGetInfoString</key>
- <string>%VERSION%, © 2001-2019 Python Software Foundation</string>
+ <string>%VERSION%, © 2001-2020 Python Software Foundation</string>
<key>CFBundleIconFile</key>
<string>PythonLauncher.icns</string>
<key>CFBundleIdentifier</key>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleLongVersionString</key>
- <string>%version%, (c) 2001-2019 Python Software Foundation.</string>
+ <string>%version%, (c) 2001-2020 Python Software Foundation.</string>
<key>CFBundleName</key>
<string>Python</string>
<key>CFBundlePackageType</key>
Zach Byrne
Nicolas Cadou
Jp Calderone
+Ben Caller
Arnaud Calmettes
Daniel Calvelo
Tony Campbell
Python News
+++++++++++
+What's New in Python 2.7.18 final?
+==================================
+
+*Release date: 2020-04-19*
+
+There were no new changes in version 2.7.18.
+
+
+
+What's New in Python 2.7.18 release candidate 1?
+================================================
+
+*Release date: 2020-04-04*
+
+Security
+--------
+
+- bpo-38945: Newline characters have been escaped when performing uu
+ encoding to prevent them from overflowing into to content section of the
+ encoded file. This prevents malicious or accidental modification of data
+ during the decoding process.
+
+- bpo-38804: Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch by
+ Ben Caller.
+
+Core and Builtins
+-----------------
+
+- bpo-38535: Fixed line numbers and column offsets for AST nodes for calls
+ without arguments in decorators.
+
+Library
+-------
+
+- bpo-38576: Disallow control characters in hostnames in http.client,
+ addressing CVE-2019-18348. Such potentially malicious header injection
+ URLs now cause a InvalidURL to be raised.
+
+- bpo-27973: Fix urllib.urlretrieve failing on subsequent ftp transfers from
+ the same host.
+
+Build
+-----
+
+- bpo-38730: Fix problems identified by GCC's ``-Wstringop-truncation``
+ warning.
+
+Windows
+-------
+
+- bpo-37025: ``AddRefActCtx()`` was needlessly being checked for failure in
+ ``PC/dl_nt.c``.
+
+macOS
+-----
+
+- bpo-38295: Prevent failure of test_relative_path in test_py_compile on
+ macOS Catalina.
+
+C API
+-----
+
+- bpo-38540: Fixed possible leak in :c:func:`PyArg_Parse` and similar
+ functions for format units ``"es#"`` and ``"et#"`` when the macro
+ :c:macro:`PY_SSIZE_T_CLEAN` is not defined.
+
+
What's New in Python 2.7.17 final?
==================================
# define _CRT_RAND_S
#endif
+#ifdef _WIN32
+# include "winconfig.h"
+#elif defined(HAVE_EXPAT_CONFIG_H)
+# include <expat_config.h>
+#endif /* ndef _WIN32 */
+
#include <stddef.h>
#include <string.h> /* memset(), memcpy() */
#include <assert.h>
#define XML_BUILDING_EXPAT 1
-#ifdef _WIN32
-# include "winconfig.h"
-#elif defined(HAVE_EXPAT_CONFIG_H)
-# include <expat_config.h>
-#endif /* ndef _WIN32 */
-
#include "ascii.h"
#include "expat.h"
#include "siphash.h"
USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
+#ifdef _WIN32
+# include "winconfig.h"
+#else
+# ifdef HAVE_EXPAT_CONFIG_H
+# include <expat_config.h>
+# endif
+#endif /* ndef _WIN32 */
+
#include <stddef.h>
#include <string.h> /* memcpy */
# include <stdbool.h>
#endif
-#ifdef _WIN32
-# include "winconfig.h"
-#else
-# ifdef HAVE_EXPAT_CONFIG_H
-# include <expat_config.h>
-# endif
-#endif /* ndef _WIN32 */
-
#include "expat_external.h"
#include "internal.h"
#include "xmltok.h"
if (tmpbuffer[0] == SEP)
/* tmpbuffer should never be longer than MAXPATHLEN,
but extra check does not hurt */
- strncpy(argv0_path, tmpbuffer, MAXPATHLEN);
+ strncpy(argv0_path, tmpbuffer, MAXPATHLEN + 1);
else {
/* Interpret relative to progpath */
reduce(argv0_path);
static int
validate_terminal(node *terminal, int type, char *string)
{
- int res = (validate_ntype(terminal, type)
- && ((string == 0) || (strcmp(string, STR(terminal)) == 0)));
-
- if (!res && !PyErr_Occurred()) {
+ if (!validate_ntype(terminal, type)) {
+ return 0;
+ }
+ if (string != NULL && strcmp(string, STR(terminal)) != 0) {
PyErr_Format(parser_error,
"Illegal terminal: expected \"%s\"", string);
+ return 0;
}
- return (res);
+ return 1;
}
q = p;
p = PyMem_Malloc(n+2);
if (p != NULL) {
- strncpy(p, q, n);
+ memcpy(p, q, n);
p[n] = '\n';
p[n+1] = '\0';
}
cleared in PyErr_CheckSignals() before .tripped. */
is_tripped = 1;
Py_AddPendingCall(checksignals_witharg, NULL);
- if (wakeup_fd != -1)
- write(wakeup_fd, "\0", 1);
+ if (wakeup_fd != -1) {
+ int rc = write(wakeup_fd, "\0", 1);
+ (void)rc;
+ }
}
static void
unsigned int count, i;
unsigned char buffer[46];
size_t length;
- char path[MAXPATHLEN + 5];
- char name[MAXPATHLEN + 5];
+ char name[MAXPATHLEN + 1];
+ char path[2*MAXPATHLEN + 2]; /* archive + SEP + name + '\0' */
const char *errmsg = NULL;
if (strlen(archive) > MAXPATHLEN) {
}
}
- strncpy(path + length + 1, name, MAXPATHLEN - length - 1);
+ memcpy(path + length + 1, name, name_size + 1);
t = Py_BuildValue("sHIIkHHI", path, compress, data_size,
file_size, file_offset, time, date, crc);
}
/* "typename(", limited to TYPE_MAXSIZE */
- len = strlen(typ->tp_name) > TYPE_MAXSIZE ? TYPE_MAXSIZE :
- strlen(typ->tp_name);
- strncpy(pbuf, typ->tp_name, len);
+ len = strlen(typ->tp_name);
+ if (len > TYPE_MAXSIZE) {
+ len = TYPE_MAXSIZE;
+ }
+ pbuf = memcpy(pbuf, typ->tp_name, len);
pbuf += len;
*pbuf++ = '(';
typedef BOOL (WINAPI * PFN_GETCURRENTACTCTX)(HANDLE *);
typedef BOOL (WINAPI * PFN_ACTIVATEACTCTX)(HANDLE, ULONG_PTR *);
typedef BOOL (WINAPI * PFN_DEACTIVATEACTCTX)(DWORD, ULONG_PTR);
-typedef BOOL (WINAPI * PFN_ADDREFACTCTX)(HANDLE);
-typedef BOOL (WINAPI * PFN_RELEASEACTCTX)(HANDLE);
+typedef void (WINAPI * PFN_ADDREFACTCTX)(HANDLE);
+typedef void (WINAPI * PFN_RELEASEACTCTX)(HANDLE);
// locals and function pointers for this activation context magic.
static HANDLE PyWin_DLLhActivationContext = NULL; // one day it might be public
// and capture our activation context for use when loading extensions.
_LoadActCtxPointers();
if (pfnGetCurrentActCtx && pfnAddRefActCtx)
- if ((*pfnGetCurrentActCtx)(&PyWin_DLLhActivationContext))
- if (!(*pfnAddRefActCtx)(PyWin_DLLhActivationContext))
- OutputDebugString("Python failed to load the default activation context\n");
+ if ((*pfnGetCurrentActCtx)(&PyWin_DLLhActivationContext)) {
+ (*pfnAddRefActCtx)(PyWin_DLLhActivationContext);
+ }
+ else {
+ OutputDebugString("Python failed to load the default "
+ "activation context\n");
+ return FALSE;
+ }
break;
case DLL_PROCESS_DETACH:
name_expr = NULL;
}
else if (NCH(n) == 5) { /* Call with no arguments */
- d = Call(name_expr, NULL, NULL, NULL, NULL, LINENO(n),
- n->n_col_offset, c->c_arena);
+ d = Call(name_expr, NULL, NULL, NULL, NULL,
+ name_expr->lineno, name_expr->col_offset,
+ c->c_arena);
if (!d)
return NULL;
name_expr = NULL;
}
plen = strlen(p);
- if (plen + nlen >= PY_SSIZE_T_MAX - 1) {
+ if (nlen >= PY_SSIZE_T_MAX - 1 - plen) {
PyErr_SetString(PyExc_OverflowError,
"private identifier too large to be mangled");
return NULL;
/* ident = "_" + p[:plen] + name # i.e. 1+plen+nlen bytes */
buffer = PyString_AS_STRING(ident);
buffer[0] = '_';
- strncpy(buffer+1, p, plen);
+ memcpy(buffer+1, p, plen);
strcpy(buffer+1+plen, name);
return ident;
}
memcpy(*buffer,
PyString_AS_STRING(s),
size + 1);
- STORE_SIZE(size);
+
+ if (flags & FLAG_SIZE_T) {
+ *q2 = size;
+ }
+ else {
+ if (INT_MAX < size) {
+ Py_DECREF(s);
+ PyErr_SetString(PyExc_OverflowError,
+ "size does not fit in an int");
+ return converterr("", arg, msgbuf, bufsize);
+ }
+ *q = (int)size;
+ }
} else {
/* Using a 0-terminated buffer:
static char cprt[] =
"\
-Copyright (c) 2001-2019 Python Software Foundation.\n\
+Copyright (c) 2001-2020 Python Software Foundation.\n\
All Rights Reserved.\n\
\n\
Copyright (c) 2000 BeOpen.com.\n\
"Module name too long");
return NULL;
}
- strncpy(buf, start, len);
+ memcpy(buf, start, len);
buf[len] = '\0';
pkgname = PyString_FromString(buf);
if (pkgname == NULL) {
"Module name too long");
return NULL;
}
- strncpy(p, name, len);
+ memcpy(p, name, len);
p[len] = '\0';
*p_buflen = p+len-buf;
Py_DECREF(result);
return NULL;
}
- strncpy(buf, name, len);
+ memcpy(buf, name, len);
buf[len] = '\0';
*p_buflen = len;
}
-This is Python version 2.7.17
+This is Python version 2.7.18
=============================
Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
-2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Python Software Foundation. All
+2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Python Software Foundation. All
rights reserved.
Copyright (c) 2000 BeOpen.com.
('Lib/', 'Lib', '**/*', include_in_lib),
('libs/', 'PCBuild/$arch', '*.lib', include_in_libs),
('Tools/', 'Tools', '**/*', include_in_tools),
- ('/', '', 'LICENSE', None),
+ ('/', '', 'LICENSE*', None),
]
EMBED_LAYOUT = [
]
OPENSSL_RECENT_VERSIONS = [
- "1.0.2p",
- "1.1.0i",
- "1.1.1",
+ "1.0.2t",
+ "1.1.0l",
+ "1.1.1f",
]
LIBRESSL_OLD_VERSIONS = [
projects / platform / upstream / python.git / commitdiff