diff --git a/Lib/test/test_ast.py b/Lib/test/test_ast.py index 13ec2d0d713..7d1649c1155 100644 --- a/Lib/test/test_ast.py +++ b/Lib/test/test_ast.py @@ -364,6 +364,20 @@ def test_invalid_sum(self): compile(m, "", "exec") self.assertIn("but got <_ast.expr", str(cm.exception)) + def test_invalid_identitifer(self): + m = ast.Module([ast.Expr(ast.Name(42, ast.Load()))]) + ast.fix_missing_locations(m) + with self.assertRaises(TypeError) as cm: + compile(m, "", "exec") + self.assertIn("identifier must be of type str", str(cm.exception)) + + def test_invalid_string(self): + m = ast.Module([ast.Expr(ast.Str(42))]) + ast.fix_missing_locations(m) + with self.assertRaises(TypeError) as cm: + compile(m, "", "exec") + self.assertIn("string must be of type str", str(cm.exception)) + class ASTHelpers_Test(unittest.TestCase): diff --git a/Misc/NEWS b/Misc/NEWS index c1162ed640f..b3ecefd4f15 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -10,6 +10,9 @@ What's New in Python 3.2.2? Core and Builtins ----------------- +- Verify the types of AST strings and identifiers provided by the user before + compiling them. + - Issue #12579: str.format_map() now raises a ValueError if used on a format string that contains positional fields. Initial patch by Julian Berman. diff --git a/Parser/asdl_c.py b/Parser/asdl_c.py index d6555d6d725..729ded8b6b7 100755 --- a/Parser/asdl_c.py +++ b/Parser/asdl_c.py @@ -794,8 +794,25 @@ def visitModule(self, mod): return 0; } -#define obj2ast_identifier obj2ast_object -#define obj2ast_string obj2ast_object +static int obj2ast_stringlike(PyObject* obj, PyObject** out, PyArena* arena, + const char *name) +{ + if (!PyUnicode_CheckExact(name)) { + PyErr_Format(PyExc_TypeError, "AST %s must be of type str", name); + return 1; + } + return obj2ast_object(obj, out, arena); +} + +static int obj2ast_identifier(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "identifier"); +} + +static int obj2ast_string(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "string"); +} static int obj2ast_int(PyObject* obj, int* out, PyArena* arena) { diff --git a/Python/Python-ast.c b/Python/Python-ast.c index 2c09f96f0ed..43dcf6a5081 100644 --- a/Python/Python-ast.c +++ b/Python/Python-ast.c @@ -2,7 +2,7 @@ /* - __version__ 82163. + __version__ . This module must be committed separately after each AST grammar change; The __version__ number is set to the revision number of the commit @@ -600,8 +600,25 @@ static int obj2ast_object(PyObject* obj, PyObject** out, PyArena* arena) return 0; } -#define obj2ast_identifier obj2ast_object -#define obj2ast_string obj2ast_object +static int obj2ast_stringlike(PyObject* obj, PyObject** out, PyArena* arena, + const char *name) +{ + if (!PyUnicode_CheckExact(name)) { + PyErr_Format(PyExc_TypeError, "AST %s must be of type str", name); + return 1; + } + return obj2ast_object(obj, out, arena); +} + +static int obj2ast_identifier(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "identifier"); +} + +static int obj2ast_string(PyObject* obj, PyObject** out, PyArena* arena) +{ + return obj2ast_stringlike(obj, out, arena, "string"); +} static int obj2ast_int(PyObject* obj, int* out, PyArena* arena) { @@ -6739,7 +6756,7 @@ PyInit__ast(void) NULL; if (PyModule_AddIntConstant(m, "PyCF_ONLY_AST", PyCF_ONLY_AST) < 0) return NULL; - if (PyModule_AddStringConstant(m, "__version__", "82163") < 0) + if (PyModule_AddStringConstant(m, "__version__", "") < 0) return NULL; if (PyDict_SetItemString(d, "mod", (PyObject*)mod_type) < 0) return NULL;