Message 390353 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	Joel Croteau, christian.heimes, docs@python, eric.smith, gc2, lukasz.langa, ncoghlan, ned.deily, pmoody, serhiy.storchaka, steve.dower, vstinner
Date	2021-04-06.17:19:01
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1617729541.65.0.12208326274.issue36384@roundup.psfhosted.org>
In-reply-to

Content
> In this case, having it off by default goes further to prevent breakage PyYAML was unsafe by default: it allowed to execute arbitary Python code by default. It took years to change the default to "safe". I don't think that adding a parameter for opt-in for security is a good approach. An application can use ipaddress internally without being aware of using it, if it's done by a third party module. It's hard to prevent security vulnerabilities if people have to "opt-in" for security. I prefer to break code and force people to manually get back the old behavior. It's better to make 90% safe by default but make 10% of people unhappy. It's uncommon to pass IPv4 addresses with leading zeros. If you want to tolerate leading zeros, you don't have to modify the ipaddress for that, you can pre-process your inputs: it works on any Python version with or without the fix. >>> def reformat_ip(address): return '.'.join(part.lstrip('0') if part != '0' else part for part in address.split('.')) ... >>> reformat_ip('0127.0.0.1') '127.0.0.1' Or with an explicit loop for readability: def reformat_ip(address): parts = [] for part in address.split('.'): if part != "0": part = part.lstrip('0') parts.append(part) return '.'.join(parts)

> In this case, having it off by default goes further to prevent breakage

PyYAML was unsafe by default: it allowed to execute arbitary Python code by default. It took years to change the default to "safe". I don't think that adding a parameter for opt-in for security is a good approach. An application can use ipaddress internally without being aware of using it, if it's done by a third party module. It's hard to prevent security vulnerabilities if people have to "opt-in" for security.

I prefer to break code and force people to manually get back the old behavior. It's better to make 90% safe by default but make 10% of people unhappy.

It's uncommon to pass IPv4 addresses with leading zeros.

If you want to tolerate leading zeros, you don't have to modify the ipaddress for that, you can pre-process your inputs: it works on any Python version with or without the fix.

>>> def reformat_ip(address): return '.'.join(part.lstrip('0') if part != '0' else part for part in address.split('.'))
... 
>>> reformat_ip('0127.0.0.1')
'127.0.0.1'

Or with an explicit loop for readability:

def reformat_ip(address):
    parts = []
    for part in address.split('.'):
        if part != "0":
            part = part.lstrip('0')
        parts.append(part)
    return '.'.join(parts)

History
Date	User	Action	Args
2021-04-06 17:19:01	vstinner	set	recipients: + vstinner, ncoghlan, eric.smith, christian.heimes, ned.deily, pmoody, docs@python, lukasz.langa, serhiy.storchaka, steve.dower, Joel Croteau, gc2
2021-04-06 17:19:01	vstinner	set	messageid: <1617729541.65.0.12208326274.issue36384@roundup.psfhosted.org>
2021-04-06 17:19:01	vstinner	link	issue36384 messages
2021-04-06 17:19:01	vstinner	create