This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author fijall
Recipients arigo, christian.heimes, fijall, hynek, loewis, pitrou
Date 2012-06-14.12:16:47
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1339676208.48.0.978931257844.issue15061@psf.upfronthosting.co.za>
In-reply-to
Content
Hi Christian. It's either secure or it's not. If it's not, there is no point in introducing it at all as I don't think it's a good idea to have a kind-of-secure-but-i-dont-know functions in stdlib.

If you restrict input to bytes it looks okish, but I looked at all the code that's invoked on the C side and it's quite a lot of code. Does you or anyone else actually go and review all the C code that's called via various operations to check if it does or does not depend on the value of various characters? I can't tell myself, it's too long.
History
Date User Action Args
2012-06-14 12:16:48fijallsetrecipients: + fijall, loewis, arigo, pitrou, christian.heimes, hynek
2012-06-14 12:16:48fijallsetmessageid: <1339676208.48.0.978931257844.issue15061@psf.upfronthosting.co.za>
2012-06-14 12:16:47fijalllinkissue15061 messages
2012-06-14 12:16:47fijallcreate