Opened 12 years ago

Closed 12 years ago

Last modified 9 years ago

#7241 closed (fixed)

Transaction management does not catch all exceptions

Reported by: jim <jim-django@…> Owned by: nobody
Component: Database layer (models, ORM) Version: master
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


When a view is decorated with commit_on_success, any exception raised in that view should cause a rollback of the current transaction. If no exception occurs, the transaction should be committed.

There are many exceptions that are not caught by commit_on_success. When one of these is raised, neither a rollback nor a commit is done. This causes a TransactionManagementError in leave_transaction_management().

The only exceptions caught are subclasses of Python's built in Exception class. Since Python allows any object to be raised as an exception, this leaves an unprotected path in the code.

For example (untested, just an illustration):

def my_view(request):
   raise "simple debug exception"

The object being raised will not match commit_on_success's handler, and the error condition is triggered.

Note: Yes, string exceptions are deprecated. But they are still possible, and must be guarded against.

Simple patch attached.

Attachments (1)

catchmore.patch (437 bytes) - added by jim <jim-django@…> 12 years ago.
simple patch

Download all attachments as: .zip

Change History (6)

Changed 12 years ago by jim <jim-django@…>

Attachment: catchmore.patch added

simple patch

comment:1 Changed 12 years ago by Bernd Schlapsi

I think #6623 is related to this issue

comment:2 Changed 12 years ago by jim <jim-django@…>

Notice that this is not the classic misguided "naked except", as it re-raises immediately after the rollback.

comment:3 Changed 12 years ago by Eric Holscher

milestone: 1.0
Triage Stage: UnreviewedAccepted

comment:4 Changed 12 years ago by Malcolm Tredinnick

Resolution: fixed
Status: newclosed

(In [8419]) Fixed #7241 -- More robust exception catching in the transaction management
code. As pointed out in the ticket, Python still lets you raise all sorts of
odd things as exceptions (e.g. strings), so even though they're bad form, we
should still handle them. We do that cleanly now. Thanks to jim-django@…
for the patch.

comment:5 Changed 9 years ago by Jacob

milestone: 1.0

Milestone 1.0 deleted

Note: See TracTickets for help on using tickets.
Back to Top