Message326867
Jeremy Kloth: "This is also an issue on Windows when the target path resides within a junction, paths outside of a junction respond (err, fail) as expected."
https://developercommunity.visualstudio.com/content/problem/272379/createfile-non-error-on-filename-with-trailing-bac.html
I don't know the behavior on Windows. I tried to create a file name "a\" (U+0061, U+005C): I get an OSError "invalid argument" (error 22).
I confirm that in a junction point, I am able to:
* open an existing file with an additional trailing antislash (U+005C): the extra character is simply ignored and I am able to open the file
* create a new file with an additional trailing antislash (U+005C): the filename is created without the trailing antislash
On the PR, I wrote:
> There are much more functions which "open a file". Open Python/fileutils.c for a few mores. What about os.open()? What about all other functions which accept a filename and then call a third party library which calls open() directly?
Ok, let me give some examples of function which directly open a file:
* fileutils.c: _Py_open(), _Py_open_noraise(), _Py_wfopen(), _Py_fopen(), _Py_fopen_obj()
* os.open()
* _io.FileIO, _pyio.FileIO (use os.open())
Ok... But there are other functions to access files... stat()/fstat() functions:
* fileutils.c: _Py_fstat_noraise(), _Py_fstat(), _Py_stat()
* Modules/getpath.c: _Py_wstat()
* os.stat(), os.lstat(), os.fstat()
To start to have a better ideas of how many functions accept filenames, open also Lib/shutil.py. shutil.copyfile() uses os.stat(), but then it uses os.symlink() and open()... So what about os.symlink()?
Ok, here I only listen a *few* examples of functions which are "controlled" by Python. But there are *many* wrappers to 3rd party libraries which accept a filename. Examples:
* _ssl.SSLContext.load_cert_chain()
* sqlite3.connect()
* etc.
Where is the limit? How many functions must be patched in Python? How do we patch OpenSSL and SQLite libraries?
Python is designed as a thin wrapper to the operating system. IMHO Python must not validate the filename itself.
--
> Going back to issue17234 - there has been a test to check that a URL with a trailing slash reports 404 status.
IMHO you must fix a single place: the SimpleHTTPServer, not all code handling the filesytem.
Same remark for AIX and Windows junctions.
I suggest to reject this issue. |
|
Date |
User |
Action |
Args |
2018-10-02 08:36:02 | vstinner | set | recipients:
+ vstinner, jkloth, Michael.Felt |
2018-10-02 08:36:01 | vstinner | set | messageid: <1538469361.99.0.545547206417.issue34711@psf.upfronthosting.co.za> |
2018-10-02 08:36:01 | vstinner | link | issue34711 messages |
2018-10-02 08:36:01 | vstinner | create | |
|