Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:4317
python-django.openSUSE_13.1_Update
0004-1.5.x-Fixed-DoS-possibility-in-ModelMultip...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0004-1.5.x-Fixed-DoS-possibility-in-ModelMultipleChoiceFi.patch of Package python-django.openSUSE_13.1_Update
From 8d6dfa690412465cf41b2524d84d727e121a8576 Mon Sep 17 00:00:00 2001 From: Tim Graham <timograham@gmail.com> Date: Thu, 11 Dec 2014 08:31:03 -0500 Subject: [PATCH 4/4] [1.5.x] Fixed DoS possibility in ModelMultipleChoiceField. (bnc#913055, CVE-2015-0222) This is a security fix. Database denial-of-service with ``ModelMultipleChoiceField``. Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/> Thanks Keryn Knight for the report and initial patch. cherry-picked-from: d7a06ee7e571b6dad07c0f5b519b1db02e2a476c by aplanas Conflicts: django/forms/models.py --- django/forms/models.py | 25 ++++++++++++++++++++++--- tests/modeltests/model_forms/tests.py | 21 +++++++++++++++++++++ 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/django/forms/models.py b/django/forms/models.py index 1e7888a..f0a6dfc 100644 --- a/django/forms/models.py +++ b/django/forms/models.py @@ -1039,7 +1039,29 @@ class ModelMultipleChoiceField(ModelChoiceField): return self.queryset.none() if not isinstance(value, (list, tuple)): raise ValidationError(self.error_messages['list']) + qs = self._check_values(value) + # Since this overrides the inherited ModelChoiceField.clean + # we run custom validators here + self.run_validators(value) + return qs + + def _check_values(self, value): + """ + Given a list of possible PK values, returns a QuerySet of the + corresponding objects. Raises a ValidationError if a given value is + invalid (not a valid PK, not in the queryset, etc.) + """ key = self.to_field_name or 'pk' + # deduplicate given values to avoid creating many querysets or + # requiring the database backend deduplicate efficiently. + try: + value = frozenset(value) + except TypeError: + # list of lists isn't hashable, for example + raise ValidationError( + self.error_messages['list'], + code='list', + ) for pk in value: try: self.queryset.filter(**{key: pk}) @@ -1050,9 +1072,6 @@ class ModelMultipleChoiceField(ModelChoiceField): for val in value: if force_text(val) not in pks: raise ValidationError(self.error_messages['invalid_choice'] % val) - # Since this overrides the inherited ModelChoiceField.clean - # we run custom validators here - self.run_validators(value) return qs def prepare_value(self, value): diff --git a/tests/modeltests/model_forms/tests.py b/tests/modeltests/model_forms/tests.py index d8f2f76..424f971 100644 --- a/tests/modeltests/model_forms/tests.py +++ b/tests/modeltests/model_forms/tests.py @@ -1150,6 +1150,27 @@ class OldFormForXTests(TestCase): </select></p> <p><label for="id_age">Age:</label> <input type="text" name="age" value="65" id="id_age" /></p>''' % (w_woodward.pk, w_bernstein.pk, bw.pk, w_royko.pk)) + def test_show_hidden_initial_changed_queries_efficiently(self): + class WriterForm(forms.Form): + persons = forms.ModelMultipleChoiceField( + show_hidden_initial=True, queryset=Writer.objects.all()) + + writers = (Writer.objects.create(name=str(x)) for x in range(0, 50)) + writer_pks = tuple(x.pk for x in writers) + form = WriterForm(data={'initial-persons': writer_pks}) + with self.assertNumQueries(1): + self.assertTrue(form.has_changed()) + + def test_clean_does_deduplicate_values(self): + class WriterForm(forms.Form): + persons = forms.ModelMultipleChoiceField(queryset=Writer.objects.all()) + + person1 = Writer.objects.create(name="Person 1") + form = WriterForm(data={}) + queryset = form.fields['persons'].clean([str(person1.pk)] * 50) + sql, params = queryset.query.sql_with_params() + self.assertEqual(len(params), 1) + def test_file_field(self): # Test conditions when files is either not given or empty. -- 1.8.1.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor