Fixed spot in guarded_getitem which inappropriately short-circuited some...

Fixed spot in guarded_getitem which inappropriately short-circuited some security checks (also fixes Collector 2483), thanks to Matt Behrens.

Fixed spot in guarded_getitem which inappropriately short-circuited some...
Fixed spot in guarded_getitem which inappropriately short-circuited some security checks (also fixes Collector 2483), thanks to Matt Behrens.
bd2ea537 · Chris McDonough · 9bd0c6a5 · bd2ea537
Commit bd2ea537 authored Aug 08, 2001 by Chris McDonough
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

lib/python/AccessControl/ZopeGuards.py lib/python/AccessControl/ZopeGuards.py +2 -2

No files found.
--- a/lib/python/AccessControl/ZopeGuards.py
+++ b/lib/python/AccessControl/ZopeGuards.py
@@ -83,7 +83,7 @@
 # 
 ##############################################################################

-__version__='$Revision: 1.5 $'[11:-2]
+__version__='$Revision: 1.6 $'[11:-2]

 from RestrictedPython.Guards import safe_builtins, _full_read_guard, \
     full_write_guard
@@ -149,7 +149,7 @@ def guarded_getitem(object, index):
        # We don't guard slices.
        return v
    v = object[index]
-    if Containers(type(object)):
+    if Containers(type(object)) and Containers(type(v)):
        # Simple type.  Short circuit.
        return v
    if getSecurityManager().validate(object, object, index, v):