[Zope-Checkins] CVS: Zope/ZServer - FCGIServer.py:1.20.6.1
HTTPResponse.py:1.41.6.1 PCGIServer.py:1.24.6.1
Tres Seaver
tseaver at zope.com
Thu Jan 8 15:26:57 EST 2004
Update of /cvs-repository/Zope/ZServer
In directory cvs.zope.org:/tmp/cvs-serv32142/ZServer
Modified Files:
Tag: Zope-2_6-branch
FCGIServer.py HTTPResponse.py PCGIServer.py
Log Message:
- Inadequate type checking could allow unicode values passed to
RESPONSE.write() to be passed into deeper layers of asyncore,
where an exception would eventually be generated at a level that
would cause the Zserver main loop to terminate.
=== Zope/ZServer/FCGIServer.py 1.20 => 1.20.6.1 ===
--- Zope/ZServer/FCGIServer.py:1.20 Wed Aug 14 17:16:50 2002
+++ Zope/ZServer/FCGIServer.py Thu Jan 8 15:26:26 2004
@@ -669,6 +669,10 @@
self.channel = channel
def write(self, data):
+
+ if type(data) != type(''):
+ raise TypeError('Value must be a string')
+
stdout=self.stdout
if not self._wrote:
=== Zope/ZServer/HTTPResponse.py 1.41 => 1.41.6.1 ===
--- Zope/ZServer/HTTPResponse.py:1.41 Wed Aug 14 17:16:50 2002
+++ Zope/ZServer/HTTPResponse.py Thu Jan 8 15:26:26 2004
@@ -151,6 +151,10 @@
after beginning stream-oriented output.
"""
+
+ if type(data) != type(''):
+ raise TypeError('Value must be a string')
+
stdout=self.stdout
if not self._wrote:
=== Zope/ZServer/PCGIServer.py 1.24 => 1.24.6.1 ===
--- Zope/ZServer/PCGIServer.py:1.24 Wed Aug 14 17:16:50 2002
+++ Zope/ZServer/PCGIServer.py Thu Jan 8 15:26:26 2004
@@ -337,6 +337,10 @@
class PCGIResponse(HTTPResponse):
def write(self, data):
+
+ if type(data) != type(''):
+ raise TypeError('Value must be a string')
+
if not self._wrote:
self.stdout.write(str(self))
self._wrote=1
More information about the Zope-Checkins
mailing list