Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Catch unhandled ValueError from future timestamp #296

Merged
merged 3 commits into from Mar 9, 2022
Merged

Catch unhandled ValueError from future timestamp #296

merged 3 commits into from Mar 9, 2022

Conversation

alanhamlett
Copy link
Contributor

@alanhamlett alanhamlett commented Mar 8, 2022
edited

Fixes unhandled ValueError when timestamp is too far in the future:

Traceback (most recent call last):
  File "venv/lib/python3.8/site-packages/flask/app.py", line 2072, in wsgi_app
    ctx.push()
  File "venv/lib/python3.8/site-packages/flask/ctx.py", line 404, in push
    self.session = session_interface.open_session(self.app, self.request)
  File "venv/lib/python3.8/site-packages/flask/sessions.py", line 361, in open_session
    data = s.loads(val, max_age=max_age)
  File "venv/lib/python3.8/site-packages/itsdangerous/timed.py", line 203, in loads
    base64d, timestamp = signer.unsign(
  File "venv/lib/python3.8/site-packages/itsdangerous/timed.py", line 127, in unsign
    ts_dt = self.timestamp_to_datetime(ts_int)
  File "venv/lib/python3.8/site-packages/itsdangerous/timed.py", line 47, in timestamp_to_datetime
    return datetime.fromtimestamp(ts, tz=timezone.utc)
ValueError: year 5365471 is out of range

Checklist:

  • Add tests that demonstrate the correct behavior of the change. Tests should fail without the change.
  • Add or update relevant docs, in the docs folder and in code.
  • Add an entry in CHANGES.rst summarizing the change and linking to the issue.
  • Add .. versionchanged:: entries in any relevant code docs.
  • Run pre-commit hooks and fix any issues.
  • Run pytest and tox, no tests failed.

@alanhamlett
Copy link
Contributor Author

@davidism ready for review. Thanks!

@davidism davidism added this to the 2.1.1 milestone Mar 9, 2022
@davidism davidism changed the base branch from main to 2.1.x March 9, 2022 14:20
davidism
davidism reviewed Mar 9, 2022
View reviewed changes
tests/test_itsdangerous/test_timed.py Outdated
@@ -66,6 +67,18 @@ def test_malformed_timestamp(self, signer):
assert "Malformed" in str(exc_info.value)
assert exc_info.value.date_signed is None

@pytest.mark.skipif(
sys.platform == "win32", reason="Freezegun Invalid argument occurs on Windows"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This shouldn't be ignored. It's not freezegun that fails, it's datetime. Apparently datetime on Windows raises an OSError for an invalid timestamp value. This is expected since the handling is based on the operating system: https://bugs.python.org/issue45031

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, I see you fixed it and merged. Thanks!

@davidism davidism merged commit 25494a8 into pallets:2.1.x Mar 9, 2022
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 24, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@davidism davidism davidism left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.1.1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@alanhamlett @davidism