[Bug 6917] New: Changes to email.utils.getaddresses in Python 3.12.6 break patchbomb tests
mercurial-bugs at mercurial-scm.org
mercurial-bugs at mercurial-scm.org
Wed Sep 18 23:58:03 UTC 2024
https://bz.mercurial-scm.org/show_bug.cgi?id=6917
Bug ID: 6917
Summary: Changes to email.utils.getaddresses in Python 3.12.6
break patchbomb tests
Product: Mercurial
Version: default branch
Hardware: PC
OS: Linux
Status: UNCONFIRMED
Severity: bug
Priority: wish
Component: patchbomb
Assignee: bugzilla at mercurial-scm.org
Reporter: dave.jones at canonical.com
CC: mercurial-devel at mercurial-scm.org
Python Version: ---
Strict parsing of e-mail addresses, introduced in Python 3.12.6 [1] in response
to CVE-2023-27043, break the "multi-address parsing" test in
tests/test-patchbomb.t on line 2416 [2]. Specifically, attempting to parse
"spam<spam><eggs>" no longer results in two addresses, but none.
Under Python 3.12.5:
>>> getaddresses(['spam<spam><eggs>'])
[('spam', 'spam'), ('', 'eggs')]
Under Python 3.12.6:
>>> getaddresses(['spam<spam><eggs>'])
[('', '')]
The strict parsing flag is introduced to getaddresses, defaulting to True,
which can be set to False to restore the old behaviour, but I'm assuming it's
preferable in this case to update the test? Presumably something like the
following which would largely preserve the intent of the test:
diff -r db7dbe6f7bb2 -r 35b3c7d07330 tests/test-patchbomb.t
--- a/tests/test-patchbomb.t Wed Jun 19 14:49:35 2024 +0200
+++ b/tests/test-patchbomb.t Thu Sep 19 00:30:42 2024 +0100
@@ -2414,7 +2414,7 @@
test multi-address parsing:
- $ hg email --date '1980-1-1 0:1' -m tmp.mbox -f quux -t 'spam<spam><eggs>' \
+ $ hg email --date '1980-1-1 0:1' -m tmp.mbox -f quux -t 'spam<spam>,<eggs>'
\
> -t toast -c 'foo,bar at example.com' -c '"A, B <>" <a at example.com>' -s test
-r 0 \
> --config email.bcc='"Quux, A." <quux>'
this patch series consists of 1 patches.
[1]: https://docs.python.org/3/whatsnew/3.12.html#id11
[2]: https://repo.mercurial-scm.org/hg/file/tip/tests/test-patchbomb.t#l2416
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Mercurial-devel
mailing list