Code

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#741 closed defect (fixed)

Session unpickler is not fault tolerant

Reported by: django@… Owned by: adrian
Component: Core (Other) Version:
Severity: normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

Sessions store Python objects via pickle. Currently unpickling errors are not handled.

For example, if a client visits a site and a class instance is pickled into their session and then they later return to the site after the definition of that class has been removed or changed an ImportError may be thrown. Unpickling can potentially cause a whole range of Exceptions including UnpicklingError, AttributeError, EOFError, ImportError, and IndexError.

Probably it would be reasonable to use a broad try/except block and generate a new session if the session cannot be unpickled.

Attachments (0)

Change History (1)

comment:1 Changed 8 years ago by adrian

  • Resolution set to fixed
  • Status changed from new to closed

(In [1099]) Fixed #741 -- Made models.core.Session.get_decoded() fault-tolerant, in case of funky pickled data. Thanks, kieranholland

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.