New submission from Marcel Hellkamp: Discovered here: https://github.com/bottlepy/bottle/issues/856
If a multipart section has a "Content-Length" header, but no "filename" attribute in the "Content-Disposition" header, cgi.FieldStorage tries to write binary data to a temporary file opened in text-mode. The problem here is that cgi.FieldStorage tries to decide if something is a binary file-upload or a unicode form-field, but it does so based on two different headers in two different places. If the headers contradict each other (form-fields usually don't have a Content-Length, file-uploads usually have a filename), parsing breaks with a TypeError. Unfortunately, there are some HTTP client libraries out there that trigger this bug. Here is what happens: A "Content-Length" header causes `cgi.FieldStorage.length` to be is set (which is fine). https://hg.python.org/cpython/file/3.4/Lib/cgi.py#l550 If `length` has a value, `read_binary()` is used instead of `read_lines()` (which is questionable). https://hg.python.org/cpython/file/3.4/Lib/cgi.py#l733 `read_binary()` calls `make_file()` which creates the buffer file in text mode if it does not find a `filename` attribute in the "Content-Disposition" Header (which is somewhat okay). https://hg.python.org/cpython/file/3.4/Lib/cgi.py#l515 https://hg.python.org/cpython/file/3.4/Lib/cgi.py#l893 The bug is triggered if the last two steps disagree on the bytes vs. text question. ---------- components: Library (Lib) messages: 268460 nosy: Marcel Hellkamp priority: normal severity: normal status: open title: Inconsistency in cgi.FieldStorage() causes unicode/byte issue. type: crash versions: Python 3.4, Python 3.5 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27308> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
