Don't use things after they're freed...duh #709
Merged
Conversation
Codecov Report
@@ Coverage Diff @@
## master #709 +/- ##
==========================================
+ Coverage 97.01% 97.02% +<.01%
==========================================
Files 16 16
Lines 5631 5647 +16
Branches 391 392 +1
==========================================
+ Hits 5463 5479 +16
Misses 112 112
Partials 56 56
Continue to review full report at Codecov.
|
CHANGELOG.rst
Outdated
|
|
||
| - Corrected a use-after-free with some uses of the ``X509`` API. |
reaperhulk
Nov 20, 2017
Member
Should we add a sentence here to state that referencing a previously obtained issuer/subject after a subsequent set call will now raise an exception?
Should we add a sentence here to state that referencing a previously obtained issuer/subject after a subsequent set call will now raise an exception?
bors-fusion bot
added a commit
to fusionapp/fusion-index
that referenced
this pull request
Nov 27, 2017
169: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>hypothesis</b></td>
<td align="center">3.38.0</td>
<td align="center">»</td>
<td align="center">3.38.5</td>
<td>
<a href="https://pypi.python.org/pypi/hypothesis">PyPI</a> | <a href="https://pyup.io/changelogs/hypothesis/">Changelog</a> | <a href="https://github.com/HypothesisWorks/hypothesis/issues">Repo</a>
</td>
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">»</td>
<td align="center">0.14.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a>
</td>
</tr>
</table>
## Changelogs
### hypothesis 3.38.0 -> 3.38.5
>### 3.38.5
>-------------------
>This fixes the repr of strategies using lambda that are defined inside
>decorators to include the lambda source.
>This would mostly have been visible when using the
>:ref:`statistics <statistics>` functionality - lambdas used for e.g. filtering
>would have shown up with a ``<unknown>`` as their body. This can still happen,
>but it should happen less often now.
>-------------------
>### 3.38.4
>-------------------
>This release updates the reported :ref:`statistics <statistics>` so that they
>show approximately what fraction of your test run time is spent in data
>generation (as opposed to test execution).
>This work was funded by `Smarkets <https://smarkets.com/>`_.
>-------------------
>### 3.38.3
>-------------------
>This is a documentation release, which ensures code examples are up to date
>by running them as doctests in CI (:issue:`711`).
>-------------------
>### 3.38.2
>-------------------
>This release changes the behaviour of the :attr:`~hypothesis.settings.deadline`
>setting when used with :func:`~hypothesis.strategies.data`: Time spent inside
>calls to ``data.draw`` will no longer be counted towards the deadline time.
>As a side effect of some refactoring required for this work, the way flaky
>tests are handled has changed slightly. You are unlikely to see much difference
>from this, but some error messages will have changed.
>This work was funded by `Smarkets <https://smarkets.com/>`_.
>-------------------
>### 3.38.1
>-------------------
>This patch has a variety of non-user-visible refactorings, removing various
>minor warts ranging from indirect imports to typos in comments.
>-------------------
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
### pyrsistent 0.14.0 -> 0.14.1
>### 0.14.1
> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
> details. Thanks teepark for this!
That's it for now!
Happy merging! 🤖
bors-fusion bot
added a commit
to fusionapp/entropy
that referenced
this pull request
Nov 27, 2017
162: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">»</td>
<td align="center">0.14.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a>
</td>
</tr>
</table>
## Changelogs
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
### pyrsistent 0.14.0 -> 0.14.1
>### 0.14.1
> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
> details. Thanks teepark for this!
That's it for now!
Happy merging! 🤖
bors-fusion bot
added a commit
to fusionapp/documint
that referenced
this pull request
Nov 27, 2017
120: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot
## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">
<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">»</td>
<td align="center">0.2.1</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a>
</td>
<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">»</td>
<td align="center">0.4.2</td>
<td>
<a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a>
</td>
<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">»</td>
<td align="center">17.4.0</td>
<td>
<a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a>
</td>
</tr>
</table>
## Changelogs
### pyopenssl 17.3.0 -> 17.4.0
>### 17.4.0
>-------------------
>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>*none*
>Deprecations:
>^^^^^^^^^^^^^
>*none*
>Changes:
>^^^^^^^^
>- Re-added a subset of the ``OpenSSL.rand`` module.
> This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
> `708 <https://github.com/pyca/pyopenssl/pull/708>`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
> `709 <https://github.com/pyca/pyopenssl/pull/709>`_
>----
That's it for now!
Happy merging! 🤖
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
No description provided.