gh-150633: properly handle imports with null bytes in names#150634
Conversation
KowalskiThomas
changed the title
KowalskiThomas
requested review from
FFY00,
brettcannon,
ericsnowcurrently,
kumaraditya303,
ncoghlan and
warsaw
as code owners
| @@ -0,0 +1,3 @@ | |||
| Fix :func:`__import__` accepting module names with embedded null bytes, which | |||
There was a problem hiding this comment.
This is for frozen modules only, right? I cannot reproduce this for other modules.
There was a problem hiding this comment.
Yes, indeed. Initially I had added a check rejecting null bytes in every __import__ call (which I think matches what is discussed in the issue) but I eventually went for a more targeted fix. I'll change the news entry for now so it matches what the code does.
| # lead to duplicates in sys.modules | ||
| before = set(sys.modules.keys()) | ||
| with self.assertRaises(ModuleNotFoundError): | ||
| __import__('codecs\x00junk') |
There was a problem hiding this comment.
I get ModuleNotFoundError on non-installed Python. The bug is only reproducible om the system Python. Can we make the test more reproducible?
There was a problem hiding this comment.
I changed it to zipimport instead of codecs, I have it failing on my non-installed build as well now.
% ./python.exe -m unittest Lib.test.test_import.ImportTests.test_import_null_byte_in_name_raises_ModuleNotFoundError -v
test_import_null_byte_in_name_raises_ModuleNotFoundError (Lib.test.test_import.ImportTests.test_import_null_byte_in_name_raises_ModuleNotFoundError) ... FAIL
======================================================================
FAIL: test_import_null_byte_in_name_raises_ModuleNotFoundError (Lib.test.test_import.ImportTests.test_import_null_byte_in_name_raises_ModuleNotFoundError)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/Users/thomas.kowalski/Documents/cpython/Lib/test/test_import/__init__.py", line 371, in test_import_null_byte_in_name_raises_ModuleNotFoundError
with self.assertRaises(ModuleNotFoundError):
~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
AssertionError: ModuleNotFoundError not raised
----------------------------------------------------------------------
Ran 1 test in 0.005s
FAILED (failures=1)
serhiy-storchaka
added
needs backport to 3.13
|
Thanks @KowalskiThomas for the PR, and @serhiy-storchaka for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13, 3.14, 3.15. |
|
GH-151100 is a backport of this pull request to the 3.15 branch. |
bedevere-app
Bot
removed
the
needs backport to 3.15
|
GH-151101 is a backport of this pull request to the 3.14 branch. |
|
GH-151102 is a backport of this pull request to the 3.13 branch. |
| def test_import_null_byte_in_name_raises_ModuleNotFoundError(self): | ||
| # gh-150633: module names containing null bytes should not | ||
| # lead to duplicates in sys.modules | ||
| before = set(sys.modules.keys()) |
|
Thanks for the contribution! I have a small PR to improve a style thing. |
3 participants
What is this PR?
Fixes #150633.
sys.modulescache #150633