Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca94520
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
If one selects whole lines, as the sidebar makes easy, do not
add an extra line. Only move the end of a selection to the
beginning of the next line when not already at the beginning
of a line. (Also improve the surrounding code.)
(cherry picked from commit fc31a13dc1)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Signed-off-by: Tal Einat <532281+taleinat@users.noreply.github.com>
(cherry picked from commit adef445dc3)
Co-authored-by: Tal Einat <532281+taleinat@users.noreply.github.com>
Left click and drag to select lines. With selection, right click for context menu with copy and copy-with-prompts.
Also add copy-with-prompts to the text-box context menu.
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Remove call to macosx.setupApp, which calls macosc.overrideRootMenu, which modifies
the menus, which results in two failures in the second round of the leak test.
Gregory P. Smith