Added a default limit to the maximum number of forms in a formset.

This is a security fix. Disclosure and advisory coming shortly.
2025-08-04 02:48:35 +00:00 · 2013-02-12 11:22:41 +01:00 · 2013-02-12 11:22:41 +01:00 · 35c991aa06
commit 35c991aa06
parent 1f39eafd60
5 changed files with 85 additions and 19 deletions
--- a/tests/regressiontests/generic_inline_admin/tests.py
+++ b/tests/regressiontests/generic_inline_admin/tests.py
@ -6,6 +6,7 @@ from django.contrib import admin
 from django.contrib.admin.sites import AdminSite
 from django.contrib.contenttypes.generic import (
    generic_inlineformset_factory, GenericTabularInline)
+from django.forms.formsets import DEFAULT_MAX_NUM
 from django.forms.models import ModelForm
 from django.test import TestCase
 from django.test.utils import override_settings
@ -244,7 +245,7 @@ class GenericInlineModelAdminTest(TestCase):

        # Create a formset with default arguments
        formset = media_inline.get_formset(request)
-        self.assertEqual(formset.max_num, None)
+        self.assertEqual(formset.max_num, DEFAULT_MAX_NUM)
        self.assertEqual(formset.can_order, False)

        # Create a formset with custom keyword arguments