Message 240594 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	serhiy.storchaka, steve.dower, tim.golden, vstinner, zach.ware
Date	2015-04-13.07:29:37
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1428910178.22.0.113359488774.issue23908@psf.upfronthosting.co.za>
In-reply-to

Content
> The patch doesn't contain tests because I can't test them. But they should be simple, just pass a path with null character to os function. IMO this issue is a bug, so you must write an unit test to test for non regression. One test for FileIO, another for the os module should be enough, and you can test them on UNIX since the behaviour now must be the same. Except of the test, path_converter_null_char.patch looks good to me. Do you want to fix Python 2.7 and 3.4? A filename with an embedded null character can be a security vulnerability, so it's good to fix these versions too.

> The patch doesn't contain tests because I can't test them. But they should be simple, just pass a path with null character to os function.

IMO this issue is a bug, so you must write an unit test to test for non regression. One test for FileIO, another for the os module should be enough, and you can test them on UNIX since the behaviour now must be the same.

Except of the test, path_converter_null_char.patch looks good to me.

Do you want to fix Python 2.7 and 3.4? A filename with an embedded null character can be a security vulnerability, so it's good to fix these versions too.

History
Date	User	Action	Args
2015-04-13 07:29:38	vstinner	set	recipients: + vstinner, tim.golden, zach.ware, serhiy.storchaka, steve.dower
2015-04-13 07:29:38	vstinner	set	messageid: <1428910178.22.0.113359488774.issue23908@psf.upfronthosting.co.za>
2015-04-13 07:29:38	vstinner	link	issue23908 messages
2015-04-13 07:29:37	vstinner	create