From 2193d2b72bc942a0c0b489a9c2759a6aefbeecdf Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Fri, 22 Jul 2011 10:50:23 -0500 Subject: type check AST strings and identifiers This is related to a21829180423 as well as #12609 and #12610. --- Lib/test/test_ast.py | 14 ++++++++++++++ Misc/NEWS | 3 +++ Parser/asdl_c.py | 21 +++++++++++++++++++-- Python/Python-ast.c | 25 +++++++++++++++++++++---- 4 files changed, 57 insertions(+), 6 deletions(-) diff --git a/Lib/test/test_ast.py b/Lib/test/test_ast.py index 13ec2d0..7d1649c 100644 --- a/Lib/test/test_ast.py +++ b/Lib/test/test_ast.py @@ -364,6 +364,20 @@ class AST_Tests(unittest.TestCase): compile(m, "", "exec") self.assertIn("but got <_ast.expr", str(cm.exception)) + def test_invalid_identitifer(self): + m = ast.Module([ast.Expr(ast.Name(42, ast.Load()))]) + ast.fix_missing_locations(m) + with self.assertRaises(TypeError) as cm: + compile(m, "", "exec") + self.assertIn("identifier must be of type str", str(cm.exception)) + + def test_invalid_string(self): + m = ast.Module([ast.Expr(ast.Str(42))]) + ast.fix_missing_locations(m) + with self.assertRaises(TypeError) as cm: + compile(m, "", "exec") + self.assertIn("string must be of type str", str(cm.exception)) + class ASTHelpers_Test(unittest.TestCase): diff --git a/Misc/NEWS b/Misc/NEWS index c1162ed..b3ecefd 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -10,6 +10,9 @@ What's New in Python 3.2.2? Core and Builtins ----------------- +- Verify the types of AST strings and identifiers provided by the user before + compiling them. + - Issue #12579: str.format_map() now raises a ValueError if used on a format string that contains positional fields. Initial patch by Julian Berman. diff --git a/Parser/asdl_c.py b/Parser/asdl_c.py index d6555d6..729ded8 100755 --- a/Parser/asdl_c.py +++ b/Parser/asdl_c.py @@ -794,8 +794,25 @@ static int obj2ast_object(PyObject* obj, PyObject** out, PyArena* arena) return 0; } -#define obj2ast_identifier obj2ast_object -#define obj2ast_string obj2ast_object +static int obj2ast_stringlike(PyObject* obj, PyObject** out, PyArena* arena, + const char *name) +{ + if (!PyUnicode_CheckExact(name)) { + PyErr_Format(PyExc_TypeError, "AST %s must be of type str", name); + return 1; + } + return obj2ast_object(obj, out, arena); +} + +static int obj2ast_identifier(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "identifier"); +} + +static int obj2ast_string(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "string"); +} static int obj2ast_int(PyObject* obj, int* out, PyArena* arena) { diff --git a/Python/Python-ast.c b/Python/Python-ast.c index 2c09f96..43dcf6a 100644 --- a/Python/Python-ast.c +++ b/Python/Python-ast.c @@ -2,7 +2,7 @@ /* - __version__ 82163. + __version__ . This module must be committed separately after each AST grammar change; The __version__ number is set to the revision number of the commit @@ -600,8 +600,25 @@ static int obj2ast_object(PyObject* obj, PyObject** out, PyArena* arena) return 0; } -#define obj2ast_identifier obj2ast_object -#define obj2ast_string obj2ast_object +static int obj2ast_stringlike(PyObject* obj, PyObject** out, PyArena* arena, + const char *name) +{ + if (!PyUnicode_CheckExact(name)) { + PyErr_Format(PyExc_TypeError, "AST %s must be of type str", name); + return 1; + } + return obj2ast_object(obj, out, arena); +} + +static int obj2ast_identifier(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "identifier"); +} + +static int obj2ast_string(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "string"); +} static int obj2ast_int(PyObject* obj, int* out, PyArena* arena) { @@ -6739,7 +6756,7 @@ PyInit__ast(void) NULL; if (PyModule_AddIntConstant(m, "PyCF_ONLY_AST", PyCF_ONLY_AST) < 0) return NULL; - if (PyModule_AddStringConstant(m, "__version__", "82163") < 0) + if (PyModule_AddStringConstant(m, "__version__", "") < 0) return NULL; if (PyDict_SetItemString(d, "mod", (PyObject*)mod_type) < 0) return NULL; -- cgit v0.12