Opened 13 years ago

Closed 13 years ago

Last modified 12 years ago

#1213 closed defect (fixed)

Value of NOT_PROVIDED might collide with real data

Reported by: Antti Kaihola Owned by: Adrian Holovaty
Component: Database layer (models, ORM) Version:
Severity: trivial Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


In django.core.meta.fields, NOT_PROVIDED is defined as

# Random entropy string used by "default" param.
NOT_PROVIDED = 'oijpwojefiojpanv'

Although extremely unlikely, this string could appear as a default value in a model and be interpreted as if no default value was provided.

Is there something preventing the following:


Or are there some control characters in the range chr(0..31) which don't make sense in the database backend side and could be used here?

Change History (2)

comment:1 Changed 13 years ago by akaihola <antti.kaihola@…>

Or what about this solution:

class NotProvided(str):

NOT_PROVIDED = NotProvided('No default value is provided.')

if some_default_value is NOT_PROVIDED:
   print 'There is no default value.'
   # and act accordingly

comment:2 Changed 13 years ago by Adrian Holovaty

Resolution: fixed
Status: newclosed

(In [2454]) Fixed #1213 -- Changed value of NOT_PROVIDED so that it's not a string, to prevent possible (but highly unlikely) collisions. Thanks, akaihola

Note: See TracTickets for help on using tickets.
Back to Top