[Twisted-Python] maintenance release - a security issue and a regression
glyph at twistedmatrix.com
Fri Feb 1 19:42:34 EST 2013
On Jan 31, 2013, at 6:07 AM, Angelo Dell'Aera <angelo.dellaera at gmail.com> wrote:
> On Wed, 30 Jan 2013 23:32:34 +0100
> Angelo Dell'Aera <angelo.dellaera at gmail.com> wrote:
>> On Wed, 30 Jan 2013 11:04:36 -0800
>> Glyph <glyph at twistedmatrix.com> wrote:
>>> Any volunteers for parts of this process?
>> I'm not familiar with Twisted patching process and for this reason
>> I'm just attaching a small patch here for #6245 because I'd like to
>> discuss about the approach. If correct I will move on in the process
>> (hopefully in the right way)
>> The patch simply tries to encode the name argument properly if
>> unicode. This is the same approach used by ralphm but applied to Name
>> class initialization so it should be really generic.
>> Just about a doubt about how to handle an exception potentially
>> raised during the name encoding. Any idea?
>> PS Attached a simple test code which forces the name to resolve to be
>> unicode. It fails against 12.3.0 while it is correclty executed after
> I read documentation about Twisted testing and tested if the suggested patch
> introduces some regressions in the existing code
> buffer at saiph ~/Twisted-12.3.0/twisted $ trial twisted.names
> Ran 271 tests in 0.425s
> PASSED (successes=271)
> which seems like it's not happening.
> Obviously this is not exhaustive because seems like there are no specific tests
> for that code path (name is always passed as byte) but I can try writing some
> additional ones if needed.
Thanks for your contribution. It looks like the ticket in question already has a branch in review though, so we won't need your patch this time.
In the future, the right way to submit patches is to attach them to the appropriate ticket; in this case, <http://twistedmatrix.com/trac/ticket/6245>. They tend to get lost or ignored on the mailing list (as happened here). To answer your question about additional tests, yes, whenever we fix a bug in Twisted, the fix has to come along with a new test to ensure that it stays fixed in subsequent releases.
More information about the Twisted-Python