Commit Graph

6822 Commits

Author SHA1 Message Date
Guido van Rossum d0753e20b2 At Barry's suggestion, plug the security leak by using an empty
__builtins__ for all calls to eval().  This still allows someone to
write string.atof("[1]*1000000") (which Jim Fulton worries about) but
effectively disables access to system modules and functions.
1997-12-10 22:59:55 +00:00
Guido van Rossum 90d62ab0a1 Since this module is used as a fallback in case no built-in modules
have been configured, string.atof() should not fail when "import re"
fails (usually because pcre is not there).

This opens up a tiny security hole: *if* an attacker can make "import
re" fail, they can also make string.atof(arbitrary_string) evaluate
the arbitrary string.  Nothing to keep me awake at night...
1997-12-10 22:35:02 +00:00
Guido van Rossum e680546894 Don't specify base 0 to string.atoi when unpickling integers in text
mode.  The pickler always uses base 10 so the default base should be
fine.  (The base gets us in trouble when there's no strop module, as
the atoi() in string.py only supports base 10.  This is for JPython.)
1997-12-10 19:36:41 +00:00
Guido van Rossum 87908f5925 New names. 1997-12-10 18:57:35 +00:00
Guido van Rossum d58daff686 Planned release date for 1.5b2. 1997-12-10 18:56:48 +00:00
Guido van Rossum e44a8d9987 Support uue and x-uue as short names for uuencode. 1997-12-10 18:54:36 +00:00
Guido van Rossum 9ab94c18d8 Doc strings and reformatting with 4 spaces bty Mitch Chapman.
Untabified and minor tweaks by me.
1997-12-10 16:17:39 +00:00
Guido van Rossum 24e62e2c7c Modified quicksort by Raymund Galvin, after studying the GNU libg++
quicksort.  This should be much faster if there are lots of
duplicates, and otherwise at least as good.
1997-12-10 15:14:24 +00:00
Guido van Rossum 3b99430808 # Use proper temp subdir for intermediates. 1997-12-10 15:12:23 +00:00
Guido van Rossum d6af46d4ae Need a cast when comparing type object in isinstance() 1997-12-10 05:51:47 +00:00
Guido van Rossum d5559576c9 Start calling it 1.5b2 1997-12-10 05:51:13 +00:00
Guido van Rossum 4fdd1fafb2 Comment out CODE and DATA statements that are apparently obsolete. 1997-12-10 05:50:55 +00:00
Guido van Rossum d666eae55a Adding a new project: pythonw, or WinMain.c, containing a main program
that doesn't have a console window attached.  stdout/stderr are lost.
This is handy though for things like grail.
1997-12-10 05:50:18 +00:00
Guido van Rossum 736fe5e918 Document binary format and __init__-free unpickling. Added a pointer
to cPickle.
1997-12-09 20:45:08 +00:00
Guido van Rossum a42c17851c Turn the table for flags into a nested itemized environment. 1997-12-09 20:41:47 +00:00
Guido van Rossum c525e43b42 Add a test for a bad format character. 1997-12-09 20:37:25 +00:00
Guido van Rossum 231a41e708 Add explicit check for correct next character in format at end of
format.  This will complain about illegal formats like "O#" instead of
ignoring the '#'.
1997-12-09 20:36:39 +00:00
Guido van Rossum eefcba61f4 Fix a little mess (Likecode{...} -> Like \code{...}) in recently added text. 1997-12-09 19:47:24 +00:00
Guido van Rossum 8291bb3693 Reference to PYTHONPATH should be PYTHONSTARTUP. 1997-12-09 19:46:45 +00:00
Guido van Rossum 28f9a68deb Added note about the module's obsolescence. 1997-12-09 19:45:47 +00:00
Guido van Rossum 5bdea89c89 # Typos in the comments giving the names of two recently added distributions. 1997-12-09 19:43:18 +00:00
Guido van Rossum ba179051aa Fix the way the version number is gotten out of the RCS revision. 1997-12-09 19:39:12 +00:00
Guido van Rossum 1a24bb53d5 Fix the test for pow() -- no more TypeErrors are raised! 1997-12-09 19:38:39 +00:00
Guido van Rossum ebd05eb10b Typo: RUSAGE_CHILDERN -> RUSAGE_CHILDREN. 1997-12-09 19:35:48 +00:00
Guido van Rossum 8d9c2e33e1 LC_MESSAGES is not defined on all systems; use #ifdef LC_MESSAGES. 1997-12-09 19:35:11 +00:00
Guido van Rossum b978d18fec Guess... :-) 1997-12-09 16:56:41 +00:00
Guido van Rossum 3d20986d96 Checking in ConfigParser.py -- I don't see a reason why this can't be
liberated.  This was originally written by Ken and later revamped by
Barry.
1997-12-09 16:10:31 +00:00
Guido van Rossum b1823ad83f v 0.8.3 -- add an option to suppress URL processing inside <PRE>,
by Scott <scott@chronis.icgroup.com>
1997-12-09 16:04:46 +00:00
Fred Drake fc5d8b198a libainstall: Install Modules/Setup.thread in addition to Modules/Setup and
Modules/Setup.local.

	Guido:  I hope this is ok; it seems to make a lot of sense to get the
	whole trio of module config files installed as a set rather than
	doing it partially.
1997-12-09 15:18:33 +00:00
Guido van Rossum 138dac5a1b Added more warnings about ni's demise. 1997-12-09 15:03:41 +00:00
Guido van Rossum 7b8970ac88 Deleting ni.py; renamed to ni1.py, really. 1997-12-09 14:58:26 +00:00
Guido van Rossum 6599fb0917 Make close(), and hence __del__(), robust in the light of the world
being destroyed already.
1997-12-09 14:18:33 +00:00
Guido van Rossum 19b55f2d17 Fix subtle bug in cleanup code in PyErr_NormalizeException(), detected
by Marc Lemburg.  There's a path through the code where *val is NULL,
but value isn't, and value should be DECREF'ed.
1997-12-09 14:11:39 +00:00
Fred Drake a2e268aa40 Mark file names with \file{} instead of \code{}. 1997-12-09 03:28:42 +00:00
Guido van Rossum 41999c164e Doc strings by Mitch Chapman (with a little reformatting).
Also reformatted the whole module with 4 spaces and no tabs.
1997-12-09 00:12:23 +00:00
Guido van Rossum 1707aad27c Changed the finalization order again so that the reference count
printing (when Py_DEBUG is defined) happens while there's still a
current thread...
1997-12-08 23:43:45 +00:00
Guido van Rossum be1eb0d9ed (1) call mktime() just before strftime(); it normalizes the buffer and
may set the timezone name for BSD systems...

(2) fake all of the timezone variables for the mac.
1997-12-08 21:56:43 +00:00
Guido van Rossum 6a99984e79 Use long() instead of int() to compare mktime(localtime(t) with t... 1997-12-08 21:48:01 +00:00
Fred Drake c5aec05967 Separated the definitions of ntohs(), ntohl(), htons(), htonl(). Separate
descriptions really make things look a bit better, and should improve the
ability to re-purpose the content.
1997-12-08 21:25:41 +00:00
Fred Drake 8ca70069a6 Added Emacs turd so this file has the correct mode in Emacs / X/Emacs, even
if you don't have .perl in your mode table.
1997-12-08 20:59:54 +00:00
Fred Drake a5a3cdcf4d Added Emacs turd so this file has the correct mode in Emacs / X/Emacs.
clean_key():  Override the standard LaTeX2HTML clean_key() to remove a
	leading HTML tag, if present.  This broke the indexes for the library
	reference (at least) since many of the strings began with <code> or
	something similar.
1997-12-08 20:58:13 +00:00
Guido van Rossum a417b66204 Updated the README to the current status. Added a note about the
"times" option.
1997-12-08 20:51:26 +00:00
Guido van Rossum 0b334104ac New version from AMK -- with minor corrections to make it legal latex. 1997-12-08 17:33:40 +00:00
Guido van Rossum 5070060d40 New pcre version from AMK 1997-12-08 17:15:20 +00:00
Guido van Rossum dfa6790bd6 New re version from AMK 1997-12-08 17:12:06 +00:00
Fred Drake f3d729c8f9 Fixed SFT #23842: leave in non-standard style options when checking in an
update.  ;-(
1997-12-08 15:48:35 +00:00
Guido van Rossum cd8732a482 Remove the last bits of log from the leading comments. 1997-12-08 15:16:08 +00:00
Guido van Rossum 9716aaa14c Jim Fulton:
- Loading non-binary string pickles checks for insecure
          strings. This is needed because cPickle (still)
          uses a restricted eval to parse non-binary string pickles.
          This change is needed to prevent untrusted
          pickles like::

            "S'hello world'*2000000\012p0\012."

          from hosing an application.

        - User-defined types can now support unpickling without
          executing a constructor.

          The second value returned from __reduce__ can now be None,
          rather than an argument tuple. On unpickling, if the second
          value returned from __reduce__ during pickling was None, then
          rather than calling the first value returned from __reduce__,
          directly, the __basicnew__ method of the first value returned
          from __reduce__ is called without arguments.
1997-12-08 15:15:16 +00:00
Fred Drake 61280916f6 For RedHat Linux 5.0, added notes about needing to remove the LinuxThreads
package, and -lcrypt for the crypt module.
1997-12-08 14:10:40 +00:00
Guido van Rossum 94ce0d1963 Add special handling for Python modules that are imported implicitly
by the Python runtime: 'site' and 'exceptions'.
1997-12-08 05:01:06 +00:00