mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-07 19:35:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

gh-65697: Improved error msg for configparser key validation (#135527)
Some checks are pending
Tests / Windows MSI (push) Blocked by required conditions
Details
Tests / (push) Blocked by required conditions
Details
Tests / Change detection (push) Waiting to run
Details
Tests / Docs (push) Blocked by required conditions
Details
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Details
Tests / Check if generated files are up to date (push) Blocked by required conditions
Details
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Details
Tests / WASI (push) Blocked by required conditions
Details
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Details
Tests / Address sanitizer (push) Blocked by required conditions
Details
Tests / Cross build Linux (push) Blocked by required conditions
Details
Tests / CIFuzz (push) Blocked by required conditions
Details
Tests / All required checks pass (push) Blocked by required conditions
Details
Lint / lint (push) Waiting to run
Details
mypy / Run mypy on Lib/_pyrepl (push) Waiting to run
Details
mypy / Run mypy on Lib/test/libregrtest (push) Waiting to run
Details
mypy / Run mypy on Lib/tomllib (push) Waiting to run
Details
mypy / Run mypy on Tools/build (push) Waiting to run
Details
mypy / Run mypy on Tools/cases_generator (push) Waiting to run
Details
mypy / Run mypy on Tools/clinic (push) Waiting to run
Details
mypy / Run mypy on Tools/jit (push) Waiting to run
Details
mypy / Run mypy on Tools/peg_generator (push) Waiting to run
Details

Browse source 
* Improved error msg for configparser key validation and added note in 3.14 whatsnew

* Properly added change to configparser

* 📜🤖 Added by blurb_it.

---------

Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
This commit is contained in:
Jacob Austin Lincoln 2025-06-15 09:13:19 -07:00 committed by GitHub
parent 2bd3895fca
commit 81237fbcf6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 16 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Doc/whatsnew/3.14.rst
View file

@ -1259,6 +1259,14 @@ concurrent.futures
buffer.
(Contributed by Enzo Bonnal and Josh Rosenberg in :gh:`74028`.)
configparser
------------
* Security fix: will no longer write config files it cannot read. Attempting
to :meth:`configparser.ConfigParser.write` keys containing delimiters or
beginning with the section header pattern will raise a
:class:`configparser.InvalidWriteError`.
(Contributed by Jacob Lincoln in :gh:`129270`)
contextvars
-----------

11
Lib/configparser.py
View file

@ -1218,11 +1218,14 @@ class RawConfigParser(MutableMapping):
def _validate_key_contents(self, key):
"""Raises an InvalidWriteError for any keys containing
delimiters or that match the section header pattern"""
delimiters or that begins with the section header pattern"""
if re.match(self.SECTCRE, key):
raise InvalidWriteError("Cannot write keys matching section pattern")
if any(delim in key for delim in self._delimiters):
raise InvalidWriteError("Cannot write key that contains delimiters")
raise InvalidWriteError(
f"Cannot write key {key}; begins with section pattern")
for delim in self._delimiters:
if delim in key:
raise InvalidWriteError(
f"Cannot write key {key}; contains delimiter {delim}")
def _validate_value_types(self, *, section="", option="", value=""):
"""Raises a TypeError for illegal non-string values.

1
Misc/NEWS.d/next/Library/2025-06-15-03-03-22.gh-issue-65697.COdwZd.rst Normal file
View file

@ -0,0 +1 @@
:class:`configparser`'s error message when attempting to write an invalid key is now more helpful.