Insufficient escaping on dictionary keys and values
ruamel.yaml is a YAML 1.2 parser/emitter for Python
Brought to you by:
anthon
There appears to be insufficient escaping on keys and values in dictionaries. For example:
# example 1
import ruamel.yaml
test_data = {0: '?R'}
assert ruamel.yaml.safe_load(ruamel.yaml.dump(test_data)) == test_data
or
# example 2
import ruamel.yaml
test_data = {':0': 0}
assert ruamel.yaml.safe_load(ruamel.yaml.dump(test_data)) == test_data
Expected behaviour: assertions pass (no output)
Actual behaviour: Exception is raised.
In both cases, the values can be represented in YAML in a way that ruamel.yaml can load:
# expected behaviour for example 1
import ruamel.yaml
test_data = {0: '?R'}
assert ruamel.yaml.safe_load("{0: '?R'}") == test_data
or
# example 2
import ruamel.yaml
test_data = {':0': 0}
assert ruamel.yaml.safe_load("{':0': 0}") == test_data
Use case: I would like to use hypothesis to property-test my code which uses ruamel.yaml
In general I would like to be able to round-trip data through YAML, without worrying whether they will be represented correctly; testing with hypothesis is just how I identified the issue.
Example values that are problematic as dictionary keys include:
::1
:-)
:=
:8080
Example values that are problematic as dictionary values include:
?
? not sure
?eadme.txt
?query=xyzzy
? "hello world!"
A practical example of these would be an Ansible inventory file including the IPv6 localhost. This is a valid inventory as far as Ansible is concerned.
Last edit: Jiri Baum 2020-02-25
In terms of the yaml-test-suite, the relevant test cases are:
In general, ruamel.yaml should probably pass the load(dump(data)) == data test for all the test cases in the yaml-test-suite.
Last edit: Jiri Baum 2020-02-25