[issue4713] Installing sgmlop can crash xmlrpclib
Christoph Zwerschke
report at bugs.python.org
Sun Dec 21 22:30:07 CET 2008
New submission from Christoph Zwerschke <cito at online.de>:
If you install sgmlop (downloadable from
http://effbot.org/downloads/#sgmlop) under Python 2.x, then this can
break xmlrpclib.
You can reproduce this problem as follows (I have tested with Py 2.4,
2.5 and 2.6):
------------
data = """<?xml version="1.0" encoding="UTF-8"?>
<methodCall><methodName>f</methodName><params>
<param><value>käse</value></param>
</params></methodCall>"""
import xmlrpclib
assert xmlrpclib.FastParser is None
print xmlrpclib.SgmlopParser and 'with' or 'without', 'sgmlop'
assert xmlrpclib.loads(data) == ((u'k\xe4se',), 'f')
------------
If sgmlop is installed, this gives a UnicodeDecodeError, otherwise
everything works well.
This happens because xmlrpclib prefers using sgmlop over
lib.parsers.expat, but fails to handle numeric character entities
properly with this parser.
Find attached a patch that fixes this problem.
I also wonder whether lib.parsers.expat shouldn't be preferred over
sgmlop, since the latter is somewhat outdated, and installing external
libraries should not cause crashes or wrong behavior of standard lib
modules (see also Issue1772916 for a similar problem).
----------
components: Library (Lib)
messages: 78156
nosy: cito
severity: normal
status: open
title: Installing sgmlop can crash xmlrpclib
type: crash
versions: Python 2.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue4713>
_______________________________________
More information about the Python-bugs-list
mailing list