Don't use things after they're freed...duh#709
Merged
Conversation
Codecov Report
@@ Coverage Diff @@
## master #709 +/- ##
==========================================
+ Coverage 97.01% 97.02% +<.01%
==========================================
Files 16 16
Lines 5631 5647 +16
Branches 391 392 +1
==========================================
+ Hits 5463 5479 +16
Misses 112 112
Partials 56 56
Continue to review full report at Codecov.
|
reaperhulk
reviewed
Nov 20, 2017
|
|
||
| *none* | ||
|
|
||
| - Corrected a use-after-free with some uses of the ``X509`` API. |
Member
There was a problem hiding this comment.
Should we add a sentence here to state that referencing a previously obtained issuer/subject after a subsequent set call will now raise an exception?
reaperhulk
approved these changes
Nov 20, 2017
bors-fusion Bot
referenced
this pull request
in fusionapp/fusion-index
Nov 27, 2017
169: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>hypothesis</b></td>
<td align="center">3.38.0</td>
<td align="center">»</td>
<td align="center">3.38.5</td>
<td>
<a href="https://pypi.python.org/pypi/hypothesis">PyPI</a> | <a href="https://pyup.io/changelogs/hypothesis/">Changelog</a> | <a href="https://github.com/HypothesisWorks/hypothesis/issues">Repo</a>
</td>
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">»</td>
<td align="center">0.14.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a>
</td>
</tr>
</table>
## Changelogs
### hypothesis 3.38.0 -> 3.38.5
>### 3.38.5
>-------------------
>This fixes the repr of strategies using lambda that are defined inside
>decorators to include the lambda source.
>This would mostly have been visible when using the
>:ref:`statistics <statistics>` functionality - lambdas used for e.g. filtering
>would have shown up with a ``<unknown>`` as their body. This can still happen,
>but it should happen less often now.
>-------------------
>### 3.38.4
>-------------------
>This release updates the reported :ref:`statistics <statistics>` so that they
>show approximately what fraction of your test run time is spent in data
>generation (as opposed to test execution).
>This work was funded by `Smarkets <https://smarkets.com/>`_.
>-------------------
>### 3.38.3
>-------------------
>This is a documentation release, which ensures code examples are up to date
>by running them as doctests in CI (:issue:`711`).
>-------------------
>### 3.38.2
>-------------------
>This release changes the behaviour of the :attr:`~hypothesis.settings.deadline`
>setting when used with :func:`~hypothesis.strategies.data`: Time spent inside
>calls to ``data.draw`` will no longer be counted towards the deadline time.
>As a side effect of some refactoring required for this work, the way flaky
>tests are handled has changed slightly. You are unlikely to see much difference
>from this, but some error messages will have changed.
>This work was funded by `Smarkets <https://smarkets.com/>`_.
>-------------------
>### 3.38.1
>-------------------
>This patch has a variety of non-user-visible refactorings, removing various
>minor warts ranging from indirect imports to typos in comments.
>-------------------
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
### pyrsistent 0.14.0 -> 0.14.1
>### 0.14.1
> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
> details. Thanks teepark for this!
That's it for now!
Happy merging! 🤖
bors-fusion Bot
referenced
this pull request
in fusionapp/entropy
Nov 27, 2017
162: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">»</td>
<td align="center">0.14.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a>
</td>
</tr>
</table>
## Changelogs
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
### pyrsistent 0.14.0 -> 0.14.1
>### 0.14.1
> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
> details. Thanks teepark for this!
That's it for now!
Happy merging! 🤖
bors-fusion Bot
referenced
this pull request
in fusionapp/documint
Nov 27, 2017
120: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
</tr>
</table>
## Changelogs
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
That's it for now!
Happy merging! 🤖
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.