[Twisted-Python] maintenance release - a security issue and a regression
angelo.dellaera at gmail.com
Thu Jan 31 09:07:25 EST 2013
On Wed, 30 Jan 2013 23:32:34 +0100
Angelo Dell'Aera <angelo.dellaera at gmail.com> wrote:
> On Wed, 30 Jan 2013 11:04:36 -0800
> Glyph <glyph at twistedmatrix.com> wrote:
> > Any volunteers for parts of this process?
> I'm not familiar with Twisted patching process and for this reason
> I'm just attaching a small patch here for #6245 because I'd like to
> discuss about the approach. If correct I will move on in the process
> (hopefully in the right way)
> The patch simply tries to encode the name argument properly if
> unicode. This is the same approach used by ralphm but applied to Name
> class initialization so it should be really generic.
> Just about a doubt about how to handle an exception potentially
> raised during the name encoding. Any idea?
> PS Attached a simple test code which forces the name to resolve to be
> unicode. It fails against 12.3.0 while it is correclty executed after
I read documentation about Twisted testing and tested if the suggested patch
introduces some regressions in the existing code
buffer at saiph ~/Twisted-12.3.0/twisted $ trial twisted.names
Ran 271 tests in 0.425s
which seems like it's not happening.
Obviously this is not exhaustive because seems like there are no specific tests
for that code path (name is always passed as byte) but I can try writing some
additional ones if needed.
Angelo Dell'Aera 'buffer'
Antifork Research, Inc. http://buffer.antifork.org
Sysenter Honeynet Project http://www.sysenter-honeynet.org
More information about the Twisted-Python