Launchpad #174705: ensure that the error info object exposed to a

'tal:on_error' handler has attributes visible to restricted code.

Launchpad #174705: ensure that the error info object exposed to a
'tal:on_error' handler has attributes visible to restricted code.
ebb12c44 · Tres Seaver · c77837bc · ebb12c44 · ebb12c44 · ebb12c44
Commit ebb12c44 authored Dec 01, 2008 by Tres Seaver
3 changed files
--- a/doc/CHANGES.txt
+++ b/doc/CHANGES.txt
@@ -226,6 +226,9 @@ Zope Changes

    Bugs Fixed

+      - Launchpad #174705:  ensure that the error info object exposed to a
+        'tal:on_error' handler has attributes visible to restricted code.
+
      - After the proper introduction of parent-pointers, it's now
        wrong to acquisition-wrap content providers. We will now use
        the "classic" content provider expression from Zope 3.

--- a/lib/python/Products/PageTemplates/Expressions.py
+++ b/lib/python/Products/PageTemplates/Expressions.py
@@ -22,7 +22,9 @@ import logging

 from zope.component import queryUtility
 from zope.interface import implements
-from zope.tales.tales import Context, Iterator
+from zope.tales.tales import Context
+from zope.tales.tales import ErrorInfo as BaseErrorInfo
+from zope.tales.tales import Iterator
 from zope.tales.expressions import PathExpr, StringExpr, NotExpr
 from zope.tales.expressions import DeferExpr, Undefs
 from zope.tales.pythonexpr import PythonExpr
@@ -234,6 +236,23 @@ class ZopeContext(Context):
            # objects
            return unicode(text)

+    def createErrorInfo(self, err, position):
+        # Override, returning an object accessible to untrusted code.
+        # See: https://bugs.launchpad.net/zope2/+bug/174705
+        return ErrorInfo(err, position)
+
+    def evaluateCode(self, lang, code):
+        """ See ITALExpressionEngine.
+
+        o This method is a fossil:  nobody actually calls it, but the
+          interface requires it.
+        """
+        raise NotImplementedError
+
+class ErrorInfo(BaseErrorInfo):
+    """Information about an exception passed to an on-error handler.
+    """
+    __allow_access_to_unprotected_subobjects__ = True

 class ZopeEngine(zope.app.pagetemplate.engine.ZopeEngine):


--- a/lib/python/Products/PageTemplates/tests/testExpressions.py
+++ b/lib/python/Products/PageTemplates/tests/testExpressions.py
@@ -227,11 +227,47 @@ class UnicodeEncodingConflictResolverTests(PlacelessSetup, unittest.TestCase):
        self.assertEqual(resolver.resolve(None, '', None),
                         u'\ufffd\ufffd\ufffd')

+class ZopeContextTests(unittest.TestCase):
+
+    def _getTargetClass(self):
+        from Products.PageTemplates.Expressions import ZopeContext
+        return ZopeContext
+
+    def _makeOne(self, engine=None, contexts=None):
+        if engine is None:
+            engine = self._makeEngine()
+        if contexts is None:
+            contexts = {}
+        return self._getTargetClass()(engine, contexts)
+
+    def _makeEngine(self):
+        class DummyEngine:
+            pass
+        return DummyEngine()
+
+    def test_class_conforms_to_ITALExpressionEngine(self):
+        from zope.interface.verify import verifyClass
+        from zope.tal.interfaces import ITALExpressionEngine
+        verifyClass(ITALExpressionEngine, self._getTargetClass())
+
+    def test_instance_conforms_to_ITALExpressionEngine(self):
+        from zope.interface.verify import verifyObject
+        from zope.tal.interfaces import ITALExpressionEngine
+        verifyObject(ITALExpressionEngine, self._makeOne())
+
+    def test_createErrorInfo_returns_unrestricted_object(self):
+        # See: https://bugs.launchpad.net/zope2/+bug/174705
+        context = self._makeOne()
+        info = context.createErrorInfo(AttributeError('nonesuch'), (12, 3))
+        self.failUnless(info.type is AttributeError)
+        self.assertEqual(info.__allow_access_to_unprotected_subobjects__, 1)
+
 def test_suite():
    return unittest.TestSuite((
         unittest.makeSuite(UntrustedEngineTests),
         unittest.makeSuite(TrustedEngineTests),
-         unittest.makeSuite(UnicodeEncodingConflictResolverTests)
+         unittest.makeSuite(UnicodeEncodingConflictResolverTests),
+         unittest.makeSuite(ZopeContextTests),
    ))

 if __name__=='__main__':