Issue 33262: Deprecate shlex.split(None) to read from stdin. - Python tracker

classification

Title:	Deprecate shlex.split(None) to read from stdin.
Type:	behavior	Stage:	patch review
Components:	Library (Lib)	Versions:	Python 3.8

process

Status:	open	Resolution:
Dependencies:		Superseder:
Assigned To:		Nosy List:	ZackerySpytz, christian.heimes, eric.smith, n_rosenstein
Priority:	normal	Keywords:	patch

Created on 2018-04-11 10:28 by christian.heimes, last changed 2018-08-13 19:23 by n_rosenstein.

Pull Requests
URL	Status	Linked	Edit
PR 6514	open	ZackerySpytz, 2018-04-17 19:35

Messages (3)
msg315189 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2018-04-11 10:28
The shlex module implements simple tokenize for a shell-like mini language. The shlex.split() function splits a string into subcomponents just like a typical Unix shell. However function has a surprising feature. When None is passed into shlex.split(). Note: Since the split() function instantiates a shlex instance, passing None for s will read the string to split from standard input. https://docs.python.org/3/library/shlex.html#shlex.split This is both surprising, unnecessary and potentially dangerous. Reading from sys.stdin is a blocking operation. In case an application doesn't account for None, shlex.split(value) could lead to a blocked server application. I suggest to deprecate and eventually remove this mis-feature. Credits: David R. MacIver reported the bug on Twitter: https://twitter.com/DRMacIver/status/984001867985367040
msg315209 - (view)	Author: Eric V. Smith (eric.smith) *	Date: 2018-04-12 00:01
I agree that it should be deprecated. That's crazy behavior. I'd also recommend that shlex.shlex with instream=None be deprecated, but maybe that's too radical. It seems way too easy to accidentally pass in None.
msg323489 - (view)	Author: Niklas Rosenstein (n_rosenstein)	Date: 2018-08-13 19:23
I've just run into this as well -- I thought it was a bug until I found this issue. I also think that this is anything from sane.

History
Date	User	Action	Args
2018-08-13 19:23:19	n_rosenstein	set	nosy: + n_rosenstein messages: + msg323489
2018-04-17 19:37:07	ZackerySpytz	set	nosy: + ZackerySpytz components: + Library (Lib)
2018-04-17 19:35:17	ZackerySpytz	set	keywords: + patch stage: needs patch -> patch review pull_requests: + pull_request6207
2018-04-12 00:01:13	eric.smith	set	nosy: + eric.smith messages: + msg315209
2018-04-11 10:28:49	christian.heimes	create