Merged revisions 87430 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87430 | r.david.murray | 2010-12-21 16:53:37 -0500 (Tue, 21 Dec 2010) | 9 lines

  #4871: check that zipfile password is bytes, and give useful error message.

  Previously passing a string in as the password would fail either with
  an assertion error or a TypeError with a confusing error message.
  Note that a string can't be accepted since zipfile has no way to
  guess what encoding should be used to turn it into bytes.

  Patch by Victor Stinner.
........
This commit is contained in:
R. David Murray 2010-12-21 21:57:54 +00:00
parent 6cfc5124f2
commit 30f9c8c684
3 changed files with 19 additions and 4 deletions

View File

@ -991,6 +991,12 @@ class DecryptionTests(unittest.TestCase):
self.zip2.setpassword(b"12345")
self.assertEqual(self.zip2.read("zero"), self.plain2)
def test_unicode_password(self):
self.assertRaises(TypeError, self.zip.setpassword, "unicode")
self.assertRaises(TypeError, self.zip.read, "test.txt", "python")
self.assertRaises(TypeError, self.zip.open, "test.txt", pwd="python")
self.assertRaises(TypeError, self.zip.extract, "test.txt", pwd="python")
class TestsWithRandomBinaryFiles(unittest.TestCase):
def setUp(self):

View File

@ -880,8 +880,12 @@ class ZipFile:
def setpassword(self, pwd):
"""Set default password for encrypted files."""
assert isinstance(pwd, bytes)
if pwd and not isinstance(pwd, bytes):
raise TypeError("pwd: expected bytes, got %s" % type(pwd))
if pwd:
self.pwd = pwd
else:
self.pwd = None
def read(self, name, pwd=None):
"""Return file bytes (as a string) for name."""
@ -891,6 +895,8 @@ class ZipFile:
"""Return file-like object for 'name'."""
if mode not in ("r", "U", "rU"):
raise RuntimeError('open() requires mode "r", "U", or "rU"')
if pwd and not isinstance(pwd, bytes):
raise TypeError("pwd: expected bytes, got %s" % type(pwd))
if not self.fp:
raise RuntimeError(
"Attempt to read ZIP archive that was already closed")
@ -943,8 +949,8 @@ class ZipFile:
# completely random, while the 12th contains the MSB of the CRC,
# or the MSB of the file time depending on the header type
# and is used to check the correctness of the password.
bytes = zef_file.read(12)
h = list(map(zd, bytes[0:12]))
header = zef_file.read(12)
h = list(map(zd, header[0:12]))
if zinfo.flag_bits & 0x8:
# compare against the file type from extended local headers
check_byte = (zinfo._raw_time >> 8) & 0xff

View File

@ -24,6 +24,9 @@ Core and Builtins
Library
-------
- Issue #4871: The zipfile module now gives a more useful error message if
an attempt is made to use a string to specify the archive password.
- Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only.
- Issue #6791: Limit header line length (to 65535 bytes) in http.client