Records with File uploads and tainted values die

Bug #142695 reported by Christian Theune
2
Affects Status Importance Assigned to Milestone
Zope 2
Invalid
Low
Unassigned

Bug Description

When uploading a file which is an element of a record
list

(<input type="file" name="element.file:records">)

and something with tainted values happens than
it the HTTPRequest tries to
deepcopy the element with the file upload objects
which contains non-deep-copyable things (methods).

Traceback comes here:
    * Module ZPublisher.Publish, line 150, in publish_module
    * Module ZPublisher.Publish, line 114, in publish
    * Module Zope.App.startup, line 199, in zpublisher_exception_hook
    * Module ZPublisher.Publish, line 63, in publish
    * Module ZPublisher.HTTPRequest, line 580, in processInputs
    * Module copy, line 160, in deepcopy
    * Module copy, line 182, in _deepcopy_list
    * Module copy, line 160, in deepcopy
    * Module copy, line 248, in _deepcopy_inst
    * Module copy, line 160, in deepcopy
    * Module copy, line 209, in _deepcopy_dict
    * Module copy, line 160, in deepcopy
    * Module copy, line 248, in _deepcopy_inst
    * Module copy, line 160, in deepcopy
    * Module copy, line 209, in _deepcopy_dict
    * Module copy, line 156, in deepcopy

Error: un-deep-copyable object of type <type 'instance method'> (Also, an error occurred while attempting to render the standard error message.)

Tags: bug zope
Revision history for this message
Florent Guillaume (efge) wrote :

Any updates? What's current Zope's status about this?

Revision history for this message
Florent Guillaume (efge) wrote :

Changes: submitter email, edited transcript, importance (critical => medium)

Tres Seaver (tseaver)
Changed in zope2:
status: New → Triaged
importance: Medium → Low
Revision history for this message
Colin Watson (cjwatson) wrote :

The zope2 project on Launchpad has been archived at the request of the Zope developers (see https://answers.launchpad.net/launchpad/+question/683589 and https://answers.launchpad.net/launchpad/+question/685285). If this bug is still relevant, please refile it at https://github.com/zopefoundation/zope2.

Changed in zope2:
status: Triaged → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.