gh-122353: Handle ValueError during imports
#122389
+90
−38
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -148,6 +148,7 @@ def _path_stat(path): | |
| Made a separate function to make it easier to override in experiments | ||
| (e.g. cache stat results). | ||
|
|
||
| This function may raise OSError or ValueError. | ||
| """ | ||
| return _os.stat(path) | ||
|
|
||
|
|
@@ -156,7 +157,7 @@ def _path_is_mode_type(path, mode): | |
| """Test whether the path is the specified mode type.""" | ||
| try: | ||
| stat_info = _path_stat(path) | ||
| except (OSError, ValueError): | ||
| return False | ||
| return (stat_info.st_mode & 0o170000) == mode | ||
|
|
||
|
|
@@ -211,7 +212,7 @@ def _write_atomic(path, data, mode=0o666): | |
| with _io.FileIO(fd, 'wb') as file: | ||
| file.write(data) | ||
| _os.replace(path_tmp, path) | ||
| except: | ||
zooba marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| try: | ||
| _os.unlink(path_tmp) | ||
| except OSError: | ||
|
|
@@ -654,7 +655,7 @@ def _calc_mode(path): | |
| """Calculate the mode permissions for a bytecode file.""" | ||
| try: | ||
| mode = _path_stat(path).st_mode | ||
| except (OSError, ValueError): | ||
| mode = 0o666 | ||
| # We always ensure write access so we can update cached files | ||
| # later even when the source files are read-only on Windows (#6074) | ||
|
|
@@ -990,7 +991,7 @@ def find_spec(cls, fullname, path=None, target=None): | |
| return None | ||
| try: | ||
| _path_stat(filepath) | ||
| except (OSError, ValueError): | ||
| return None | ||
| for loader, suffixes in _get_supported_file_loaders(): | ||
| if filepath.endswith(tuple(suffixes)): | ||
|
|
@@ -1036,7 +1037,7 @@ def path_mtime(self, path): | |
| """Optional method that returns the modification time (an int) for the | ||
| specified path (a str). | ||
|
|
||
| Raises OSError or ValueError when the path cannot be handled. | ||
| """ | ||
| raise OSError | ||
|
|
||
|
|
@@ -1050,7 +1051,7 @@ def path_stats(self, path): | |
| - 'size' (optional) is the size in bytes of the source code. | ||
|
|
||
| Implementing this method allows the loader to read bytecode files. | ||
| Raises OSError or ValueError when the path cannot be handled. | ||
| """ | ||
| return {'mtime': self.path_mtime(path)} | ||
|
|
||
|
|
@@ -1076,7 +1077,7 @@ def get_source(self, fullname): | |
| path = self.get_filename(fullname) | ||
| try: | ||
| source_bytes = self.get_data(path) | ||
| except (OSError, ValueError) as exc: | ||
picnixz marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| raise ImportError('source not available through get_data()', | ||
| name=fullname) from exc | ||
| return decode_source(source_bytes) | ||
|
|
@@ -1109,13 +1110,13 @@ def get_code(self, fullname): | |
| else: | ||
| try: | ||
| st = self.path_stats(source_path) | ||
| except (OSError, ValueError): | ||
| pass | ||
| else: | ||
| source_mtime = int(st['mtime']) | ||
| try: | ||
| data = self.get_data(bytecode_path) | ||
| except (OSError, ValueError): | ||
| pass | ||
| else: | ||
| exc_details = { | ||
|
|
@@ -1211,7 +1212,10 @@ def get_filename(self, fullname): | |
| return self.path | ||
|
|
||
| def get_data(self, path): | ||
| """Return the data from path as raw bytes. | ||
|
|
||
| This may raise an OSError or a ValueError if the path is invalid. | ||
picnixz marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| """ | ||
| if isinstance(self, (SourceLoader, ExtensionFileLoader)): | ||
| with _io.open_code(str(path)) as file: | ||
| return file.read() | ||
|
|
@@ -1255,19 +1259,20 @@ def set_data(self, path, data, *, _mode=0o666): | |
| except FileExistsError: | ||
| # Probably another Python process already created the dir. | ||
| continue | ||
| except (OSError, ValueError) as exc: | ||
|
There was a problem hiding this comment. This should be made narrower rather than broader (i.e. only ignoring |
||
| # Could be a permission error, read-only filesystem, or | ||
| # an invalid path name: just forget about writing the data. | ||
| _bootstrap._verbose_message('could not create {!r}: {!r}', | ||
| parent, exc) | ||
| return | ||
| try: | ||
| _write_atomic(path, data, _mode) | ||
| except (OSError, ValueError) as exc: | ||
|
There was a problem hiding this comment. Ditto on the narrower catch. |
||
| # Same as above: just don't write the bytecode. | ||
| _bootstrap._verbose_message('could not create {!r}: {!r}', path, | ||
| exc) | ||
| else: | ||
| _bootstrap._verbose_message('created {!r}', path) | ||
|
|
||
|
|
||
| class SourcelessFileLoader(FileLoader, _LoaderBasics): | ||
|
|
@@ -1631,6 +1636,9 @@ def find_spec(self, fullname, target=None): | |
| mtime = _path_stat(self.path or _os.getcwd()).st_mtime | ||
| except OSError: | ||
| mtime = -1 | ||
| except ValueError: | ||
| # Invalid paths will never be usable even if mtime = -1. | ||
| return None | ||
| if mtime != self._path_mtime: | ||
| self._fill_cache() | ||
| self._path_mtime = mtime | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -93,13 +93,30 @@ def test_path_importer_cache_empty_string(self): | |
| self.check_found(found, importer) | ||
| self.assertIn(os.getcwd(), sys.path_importer_cache) | ||
|
|
||
| def test_invalid_names_in_sys_path(self): | ||
| for name, desc in [ | ||
| # Putting None in sys.path[0] caused an import regression from | ||
| # Python 3.2: http://bugs.python.org/issue16514 | ||
| (None, 'None in sys.path[0]'), | ||
| # embedded NUL characters raise ValueError in os.stat() | ||
| ('\x00', 'NUL bytes path'), | ||
| (f'Top{os.sep}Mid\x00', 'path with embedded NUL bytes'), | ||
| # A path with surrogate codes. A UnicodeEncodeError is raised | ||
| # by os.stat() upon querying, which is a subclass of ValueError. | ||
| ("\uD834\uDD1E", 'surrogate codes (MUSICAL SYMBOL G CLEF)'), | ||
| # For POSIX platforms, an OSError will be raised but for Windows | ||
| # platforms, a ValueError is raised due to the path_t converter. | ||
| # See: https://github.com/python/cpython/issues/122353 | ||
| ('a' * 1_000_000, 'very long path'), | ||
| ]: | ||
| with self.subTest(desc): | ||
| self._test_invalid_name_in_sys_path(name) | ||
|
|
||
| def _test_invalid_name_in_sys_path(self, name): | ||
| new_path = sys.path[:] | ||
| new_path.insert(0, name) | ||
| new_path_importer_cache = sys.path_importer_cache.copy() | ||
| new_path_importer_cache.pop(name, None) | ||
| new_path_hooks = [zipimport.zipimporter, | ||
| self.machinery.FileFinder.path_hook( | ||
| *self.importlib._bootstrap_external._get_supported_file_loaders())] | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| Handle :exc:`ValueError`\s raised by OS-related functions during import if | ||
| ``sys.path`` contains invalid path names. Patch by Bénédikt Tran. |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We deliberately don't document
ValueErrorin most cases because it's assumed to be a possibility whenever you pass in an invalid value. If we start documenting it, we'll end up having to put it on every single function.I'd rather skip all these doc changes and keep with our usual conventions. It may be surprising at first, but the error does only occur when an invalid value is provided, and not due to OS/environment issues (which are the cause of the OSError, and we document functions that may do something that could result in an OSError because most do not).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since OSError is already explicitly documented here, I do not see harm in mentioning also ValueError which depends on OS and environment. For example, UnicodeEncodeError (which is a subclass of ValueError) can be raised depending on the locale.
This is also important for end user to know which exceptions they should catch. OSError and ValueError are not raised in normal cases, but they can be raised depending on user data, OS and environment. It is easy to miss ValueError.
Such exceptions like TypeError, MemoryError, RecursionError should not be explicitly documented.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It depends on the OS, but not on the state of the OS (what I meant by "environment", as opposed to "environment variables" which are only one aspect of the overall state).
ValueError can be raised practically anywhere. If you aren't sure you're passing a valid value, you always need to handle ValueError. It's in the same category as TypeError, MemoryError and RecursionError (and AttributeError when calling a function, as this is essentially the same as TypeError).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another phrasing issue here is the switch from the imperative "is to be raised" to the descriptive "this raises". It's an abstract method definition giving instructions to subclass authors, so the "is to be raised" phrasing should be kept.
Due to that, I do think it's reasonable to mention
ValueErrorexplicitly here, specifically so subclass method implementors don't feel obliged to catch it and turn it intoOSError.