Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
python-PyMySQL.34022
CVE-2024-36039.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2024-36039.patch of Package python-PyMySQL.34022
From 521e40050cb386a499f68f483fefd144c493053c Mon Sep 17 00:00:00 2001 From: Inada Naoki <songofacandy@gmail.com> Date: Sat, 18 May 2024 11:33:30 +0900 Subject: [PATCH] forbid dict parameter --- pymysql/converters.py | 6 +----- pymysql/tests/test_connection.py | 7 +++++-- 2 files changed, 6 insertions(+), 7 deletions(-) Index: PyMySQL-0.7.11/pymysql/converters.py =================================================================== --- PyMySQL-0.7.11.orig/pymysql/converters.py +++ PyMySQL-0.7.11/pymysql/converters.py @@ -28,11 +28,7 @@ def escape_item(val, charset, mapping=No return val def escape_dict(val, charset, mapping=None): - n = {} - for k, v in val.items(): - quoted = escape_item(v, charset, mapping) - n[k] = quoted - return n + raise TypeError("dict can not be used as parameter") def escape_sequence(val, charset, mapping=None): n = [] Index: PyMySQL-0.7.11/pymysql/tests/test_connection.py =================================================================== --- PyMySQL-0.7.11.orig/pymysql/tests/test_connection.py +++ PyMySQL-0.7.11/pymysql/tests/test_connection.py @@ -543,13 +543,17 @@ class TestEscape(base.PyMySQLTestCase): self.assertRaises(TypeError, con.escape, 42, {}) ++ def test_escape_dict_raise_typeerror(self): ++ """con.escape(dict) should raise TypeError""" def test_escape_dict_value(self): con = self.connections[0] cur = con.cursor() mapping = con.encoders.copy() mapping[Foo] = escape_foo - self.assertEqual(con.escape({'foo': Foo()}, mapping), {'foo': "bar"}) + # self.assertEqual(con.escape({'foo': Foo()}, mapping), {'foo': "bar"}) + with self.assertRaises(TypeError): + con.escape({"foo": Foo()}) def test_escape_list_item(self): con = self.connections[0]
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
