Merged revisions 87430 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87430 | r.david.murray | 2010-12-21 16:53:37 -0500 (Tue, 21 Dec 2010) | 9 lines #4871: check that zipfile password is bytes, and give useful error message. Previously passing a string in as the password would fail either with an assertion error or a TypeError with a confusing error message. Note that a string can't be accepted since zipfile has no way to guess what encoding should be used to turn it into bytes. Patch by Victor Stinner. ........

Merged revisions 87430 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87430 | r.david.murray | 2010-12-21 16:53:37 -0500 (Tue, 21 Dec 2010) | 9 lines #4871: check that zipfile password is bytes, and give useful error message. Previously passing a string in as the password would fail either with an assertion error or a TypeError with a confusing error message. Note that a string can't be accepted since zipfile has no way to guess what encoding should be used to turn it into bytes. Patch by Victor Stinner. ........
30f9c8c6 · R. David Murray · 6cfc5124 · 30f9c8c6 · 30f9c8c6 · 30f9c8c6
Kaydet (Commit) 30f9c8c6 authored Ara 21, 2010 tarafından R. David Murray
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 4 deletions

test_zipfile.py Lib/test/test_zipfile.py +6 -0

zipfile.py Lib/zipfile.py +10 -4

NEWS Misc/NEWS +3 -0

No files found.
--- a/Lib/test/test_zipfile.py
+++ b/Lib/test/test_zipfile.py
@@ -991,6 +991,12 @@ class DecryptionTests(unittest.TestCase):
        self.zip2.setpassword(b"12345")
        self.assertEqual(self.zip2.read("zero"), self.plain2)
+    def test_unicode_password(self):
+        self.assertRaises(TypeError, self.zip.setpassword, "unicode")
+        self.assertRaises(TypeError, self.zip.read, "test.txt", "python")
+        self.assertRaises(TypeError, self.zip.open, "test.txt", pwd="python")
+        self.assertRaises(TypeError, self.zip.extract, "test.txt", pwd="python")
 class TestsWithRandomBinaryFiles(unittest.TestCase):
    def setUp(self):

--- a/Lib/zipfile.py
+++ b/Lib/zipfile.py
@@ -880,8 +880,12 @@ class ZipFile:
    def setpassword(self, pwd):
        """Set default password for encrypted files."""
-        assert isinstance(pwd, bytes)
+        if pwd and not isinstance(pwd, bytes):
-        self.pwd = pwd
+            raise TypeError("pwd: expected bytes, got %s" % type(pwd))
+        if pwd:
+            self.pwd = pwd
+        else:
+            self.pwd = None
    def read(self, name, pwd=None):
        """Return file bytes (as a string) for name."""
@@ -891,6 +895,8 @@ class ZipFile:
        """Return file-like object for 'name'."""
        if mode not in ("r", "U", "rU"):
            raise RuntimeError('open() requires mode "r", "U", or "rU"')
+        if pwd and not isinstance(pwd, bytes):
+            raise TypeError("pwd: expected bytes, got %s" % type(pwd))
        if not self.fp:
            raise RuntimeError(
                  "Attempt to read ZIP archive that was already closed")
@@ -943,8 +949,8 @@ class ZipFile:
            #  completely random, while the 12th contains the MSB of the CRC,
            #  or the MSB of the file time depending on the header type
            #  and is used to check the correctness of the password.
-            bytes = zef_file.read(12)
+            header = zef_file.read(12)
-            h = list(map(zd, bytes[0:12]))
+            h = list(map(zd, header[0:12]))
            if zinfo.flag_bits & 0x8:
                # compare against the file type from extended local headers
                check_byte = (zinfo._raw_time >> 8) & 0xff

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -24,6 +24,9 @@ Core and Builtins
 Library
 -------
+- Issue #4871: The zipfile module now gives a more useful error message if
+  an attempt is made to use a string to specify the archive password.
 - Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only.
 - Issue #6791: Limit header line length (to 65535 bytes) in http.client