Opened 6 years ago

Closed 6 years ago

#9938 closed (duplicate)

ModelChoiceField validation throws OverflowError

Reported by: bstpierre Owned by: nobody
Component: Forms Version: master
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

I have a form that uses ModelChoiceField.

My unit tests throw strings and very large integers at the ModelChoiceField field. I expect the clean() method to trap any bad input so that I don't have to. Sending strings ("abcd") or very large integers (01234567890123456789012345678901234567890123456789) causes exceptions.

To reproduce, I'm attaching a minimal django project as a tarball.

I'm also attaching a patch that fixes these two cases. Not sure if there's a better fix that would be preferred.

Using svn 9692.

Test case:

  1. tar zxvf overflow.tgz
  2. ./manage.py syncdb --noinput [db is sqlite3 in /tmp/deleteme.sqlite3]
  3. ./manage.py runserver
  4. browse to http://127.0.0.1:8000/overflow/?blog=1234567890123456789012345678901234567890123456789, expect to see "invalid" but instead get Django error page (OverflowError)
  5. browse to http://127.0.0.1:8000/overflow/?blog=foo, expect to see "invalid" but instead get Django error page (ValueError)

Attachments (2)

overflow.tgz (2.3 KB) - added by bstpierre 6 years ago.
minimal project to reproduce error
9938.patch (775 bytes) - added by bstpierre 6 years ago.
proposed patch

Download all attachments as: .zip

Change History (5)

Changed 6 years ago by bstpierre

minimal project to reproduce error

comment:1 Changed 6 years ago by bstpierre

  • Has patch set
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset

Index: django/forms/models.py
===================================================================
--- django/forms/models.py (revision 9692)
+++ django/forms/models.py (working copy)
@@ -705,6 +705,12 @@

value = self.queryset.get({key: value})

except self.queryset.model.DoesNotExist:

raise ValidationError(self.error_messagesinvalid_choice?)

+ except ValueError:
+ # Raised when string is passed.
+ raise ValidationError(self.error_messagesinvalid_choice?)
+ except OverflowError:
+ # Raised when ridiculously large integer is passed.
+ raise ValidationError(self.error_messagesinvalid_choice?)

return value

class ModelMultipleChoiceField(ModelChoiceField):

comment:2 Changed 6 years ago by bstpierre

Sorry about that, let me attach it as a file...

Changed 6 years ago by bstpierre

proposed patch

comment:3 Changed 6 years ago by kmtracey

  • Resolution set to duplicate
  • Status changed from new to closed

This is really the same problem as is noted in #9209. The last patch attached there proposes using a bare except since it's quite hard (if not impossible) to figure out all the different exceptions that may be caused by incorrect user input in this case. That patch also fixes up ModelMultipleChoiceFields, which have the same issue with bad user input.

Note: See TracTickets for help on using tickets.
Back to Top