
Opened 2 years ago

Closed 2 years ago

#17693 closed Bug (fixed)

int_to_base36 may hang indefinitely when bad data is provided.

Reported by: Keryn Knight <django@…>
Owned by: nobody
Component: Core (Other)
Version: 1.3
Severity: Normal
Keywords:
Cc:
Triage Stage: Unreviewed
Has patch: no
Needs documentation:
Needs tests:
Patch needs improvement:
Easy pickings: yes
UI/UX: no

Description

Technically, this is a (silly) user error, but it's not what I'd consider expected behaviour.

>>> from django.utils.http import int_to_base36
>>> int_to_base36(1)
'1'
>>> int_to_base36('1') # never returns.
  File "<stdin>", line 1, in <module>
  File "/path/to/django/utils/http.py", line 159, in int_to_base36
    if i < 36 ** factor:
KeyboardInterrupt
>>>

A more extreme example:

>>> int_to_base36({1:2}) # hangs indefinitely.
>>> int_to_base36((4,5,6)) # same.

It would seem to me to be prudent to raise an exception (TypeError?) if the value can't reliably be used to cast to a base36 string. I came across this because I was accidentally consuming an argument straight from the view, without first casting it. I'm also thinking it might be leaking memory, as both the terminal and runserver became very slow to react to KeyboardInterrupt signals.

I've marked it as a bug for 1.3, though to the best of my awareness, it exists in 1.2, and looking at the history for trunk, it doesn't seem likely to have been resolved there.

Attachments (0)

Change History (1)

comment:1 Changed 2 years ago by PaulM

  • Resolution set to fixed
  • Status changed from new to closed

In [17525]:

Fixed #17693. Input validation and tests for base36 conversion utils. Thanks Keryn Knight for the report.
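
One way to validate input before base36 conversion, covering the bad values from the report above. This is an added example for Python 3, not Django's code or the change made in [17525]; the function names and the 13-character length limit are assumptions for illustration.

```python
import string

DIGITS = string.digits + string.ascii_lowercase  # 36 symbols: 0-9, a-z
MAX_B36_LEN = 13  # assumed limit for this example: bounds work on untrusted input


def safe_int_to_base36(value):
    """Encode a non-negative int as base36, rejecting anything else up front."""
    # bool is a subclass of int; refuse it so True/False are not encoded as 1/0.
    if isinstance(value, bool) or not isinstance(value, int):
        raise TypeError("expected int, got %s" % type(value).__name__)
    if value < 0:
        raise ValueError("negative numbers cannot be base36-encoded")
    if value < 36:
        return DIGITS[value]
    out = []
    # divmod shrinks value on every pass, so the loop always terminates,
    # unlike a loop whose exit depends on comparing the input to a bound.
    while value:
        value, rem = divmod(value, 36)
        out.append(DIGITS[rem])
    return "".join(reversed(out))


def safe_base36_to_int(text):
    """Decode base36 text from an untrusted source (e.g. a URL argument)."""
    if not isinstance(text, str):
        raise TypeError("expected str, got %s" % type(text).__name__)
    if not text or len(text) > MAX_B36_LEN:
        raise ValueError("base36 input is empty or too long")
    # int(text, 36) also accepts signs, whitespace and uppercase; allow only
    # the canonical lowercase alphabet so each value has a single encoding.
    if any(ch not in DIGITS for ch in text):
        raise ValueError("base36 input contains invalid characters")
    return int(text, 36)
```

A view that receives the value as a URL argument should convert it with `int()` inside a `try` block and treat `TypeError`/`ValueError` from either step as a bad request.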
