Merged revisions 87430 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87430 | r.david.murray | 2010-12-21 16:53:37 -0500 (Tue, 21 Dec 2010) | 9 lines #4871: check that zipfile password is bytes, and give useful error message. Previously passing a string in as the password would fail either with an assertion error or a TypeError with a confusing error message. Note that a string can't be accepted since zipfile has no way to guess what encoding should be used to turn it into bytes. Patch by Victor Stinner. ........
2010-12-21 21:57:54 +00:00 · 2010-12-21 21:57:54 +00:00 · 30f9c8c684
parent 6cfc5124f2
commit 30f9c8c684
3 changed files with 19 additions and 4 deletions
--- a/Lib/test/test_zipfile.py
+++ b/Lib/test/test_zipfile.py
@ -991,6 +991,12 @@ class DecryptionTests(unittest.TestCase):
        self.zip2.setpassword(b"12345")
        self.assertEqual(self.zip2.read("zero"), self.plain2)

+    def test_unicode_password(self):
+        self.assertRaises(TypeError, self.zip.setpassword, "unicode")
+        self.assertRaises(TypeError, self.zip.read, "test.txt", "python")
+        self.assertRaises(TypeError, self.zip.open, "test.txt", pwd="python")
+        self.assertRaises(TypeError, self.zip.extract, "test.txt", pwd="python")
+

 class TestsWithRandomBinaryFiles(unittest.TestCase):
    def setUp(self):
--- a/Lib/zipfile.py
+++ b/Lib/zipfile.py
@ -880,8 +880,12 @@ class ZipFile:

    def setpassword(self, pwd):
        """Set default password for encrypted files."""
-        assert isinstance(pwd, bytes)
-        self.pwd = pwd
+        if pwd and not isinstance(pwd, bytes):
+            raise TypeError("pwd: expected bytes, got %s" % type(pwd))
+        if pwd:
+            self.pwd = pwd
+        else:
+            self.pwd = None

    def read(self, name, pwd=None):
        """Return file bytes (as a string) for name."""
@ -891,6 +895,8 @@ class ZipFile:
        """Return file-like object for 'name'."""
        if mode not in ("r", "U", "rU"):
            raise RuntimeError('open() requires mode "r", "U", or "rU"')
+        if pwd and not isinstance(pwd, bytes):
+            raise TypeError("pwd: expected bytes, got %s" % type(pwd))
        if not self.fp:
            raise RuntimeError(
                  "Attempt to read ZIP archive that was already closed")
@ -943,8 +949,8 @@ class ZipFile:
            #  completely random, while the 12th contains the MSB of the CRC,
            #  or the MSB of the file time depending on the header type
            #  and is used to check the correctness of the password.
-            bytes = zef_file.read(12)
-            h = list(map(zd, bytes[0:12]))
+            header = zef_file.read(12)
+            h = list(map(zd, header[0:12]))
            if zinfo.flag_bits & 0x8:
                # compare against the file type from extended local headers
                check_byte = (zinfo._raw_time >> 8) & 0xff
--- a/Misc/NEWS
+++ b/Misc/NEWS
@ -24,6 +24,9 @@ Core and Builtins
 Library
 -------

+- Issue #4871: The zipfile module now gives a more useful error message if
+  an attempt is made to use a string to specify the archive password.
+
 - Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only.

 - Issue #6791: Limit header line length (to 65535 bytes) in http.client