Mercurial > hg > mercurial-source

diff mercurial/templatefilters.py @ 35620:4fdc4adbc838

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
templatefilters: defend against evil unicode strs in json filter We only want to do I/O in terms of bytes, so lets explode early instead of recursing forever. Differential Revision: https://phab.mercurial-scm.org/D1136
author Augie Fackler <augie@google.com>
date Mon, 16 Oct 2017 22:44:43 -0400
parents e178fcaa3933
children dad8a5071b0a d1aae6d4efc5
line wrap: on
line diff
--- a/mercurial/templatefilters.py
+++ b/mercurial/templatefilters.py
@@ -13,6 +13,7 @@
 
 from . import (
     encoding,
+    error,
     hbisect,
     node,
     pycompat,
@@ -233,6 +234,13 @@
         return pycompat.bytestr(obj)
     elif isinstance(obj, bytes):
         return '"%s"' % encoding.jsonescape(obj, paranoid=paranoid)
+    elif isinstance(obj, str):
+        # This branch is unreachable on Python 2, because bytes == str
+        # and we'll return in the next-earlier block in the elif
+        # ladder. On Python 3, this helps us catch bugs before they
+        # hurt someone.
+        raise error.ProgrammingError(
+            'Mercurial only does output with bytes on Python 3: %r' % obj)
     elif util.safehasattr(obj, 'keys'):
         out = ['"%s": %s' % (encoding.jsonescape(k, paranoid=paranoid),
                              json(v, paranoid))