登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 13

hanxinke / python2

forked from src-openEuler / python2
关闭
 
代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
CVE-2019-10160-3.patch 2.22 KB
一键复制 编辑 原始数据 按行查看 历史
syyhao 提交于 2019-12-25 18:38 . fix some CVE and update spec
1234567891011121314151617181920212223242526272829303132333435363738394041
diff -uNrp a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py

--- a/Lib/test/test_urlparse.py	2019-12-21 15:58:00.556000000 +0800

+++ b/Lib/test/test_urlparse.py	2019-12-21 15:59:11.456000000 +0800

@@ -656,6 +656,15 @@ class UrlParseTestCase(unittest.TestCase

                     with self.assertRaises(ValueError):

                         urlparse.urlsplit(url)

 

+        # check error message: invalid netloc must be formated with repr()

+        # to get an ASCII error message

+        with self.assertRaises(ValueError) as cm:

+            urlparse.urlsplit(u'http://example.com\uFF03@bing.com')

+        self.assertEqual(str(cm.exception),

+                         "netloc u'example.com\\uff03@bing.com' contains invalid characters "

+                         "under NFKC normalization")

+        self.assertIsInstance(cm.exception.args[0], str)

+

 def test_main():

     test_support.run_unittest(UrlParseTestCase)

 

diff -uNrp a/Lib/urlparse.py b/Lib/urlparse.py

--- a/Lib/urlparse.py	2019-12-21 15:58:00.480000000 +0800

+++ b/Lib/urlparse.py	2019-12-21 15:59:55.128000000 +0800

@@ -181,8 +181,9 @@ def _checknetloc(netloc):

     _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay

     for c in '/?#@:':

         if c in netloc2:

-            raise ValueError(u"netloc '" + netloc + u"' contains invalid " +

-                             u"characters under NFKC normalization")

+            raise ValueError("netloc %r contains invalid characters "

+                             "under NFKC normalization"

+                             % netloc)

 

 def urlsplit(url, scheme='', allow_fragments=True):

     """Parse a URL into 5 components:

diff -uNrp a/Misc/NEWS.d/next/Library/2019-06-10-12-02-45.bpo-36742.UEdHXJ.rst b/Misc/NEWS.d/next/Library/2019-06-10-12-02-45.bpo-36742.UEdHXJ.rst

--- a/Misc/NEWS.d/next/Library/2019-06-10-12-02-45.bpo-36742.UEdHXJ.rst	1970-01-01 08:00:00.000000000 +0800

+++ b/Misc/NEWS.d/next/Library/2019-06-10-12-02-45.bpo-36742.UEdHXJ.rst	2019-12-21 16:00:40.480000000 +0800

@@ -0,0 +1,3 @@

+:func:`urlparse.urlsplit` error message for invalid ``netloc`` according to

+NFKC normalization is now a :class:`str` string, rather than a

+:class:`unicode` string, to prevent error when displaying the error.
1
https://gitee.com/hanxinke/python2.git
git@gitee.com:hanxinke/python2.git
hanxinke
python2
python2
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部