From e9f706b057644fc13069e98fc26f792e374d8630 Mon Sep 17 00:00:00 2001 From: tonghuaroot Date: Fri, 3 Jul 2026 21:31:19 +0800 Subject: [PATCH] gh-152959: Raise ValueError for a outside a in plistlib _PlistParser.end_key evaluated self.stack[-1] before checking whether the stack was empty, so a element outside a (for example at the document root) leaked an IndexError instead of a ValueError. Guard the empty-stack case, matching the sibling add_object handler. The binary plist format does not use this path and is unaffected. --- Lib/plistlib.py | 3 ++- Lib/test/test_plistlib.py | 6 ++++++ .../Library/2026-07-03-15-30-00.gh-issue-152959.Kx7Qm2.rst | 2 ++ 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Library/2026-07-03-15-30-00.gh-issue-152959.Kx7Qm2.rst diff --git a/Lib/plistlib.py b/Lib/plistlib.py index 93f3ef5e38af843..5617e64161c8435 100644 --- a/Lib/plistlib.py +++ b/Lib/plistlib.py @@ -243,7 +243,8 @@ def end_dict(self): self.stack.pop() def end_key(self): - if self.current_key or not isinstance(self.stack[-1], dict): + if (self.current_key or not self.stack + or not isinstance(self.stack[-1], dict)): raise ValueError("unexpected key at line %d" % self.parser.CurrentLineNumber) self.current_key = self.get_data() diff --git a/Lib/test/test_plistlib.py b/Lib/test/test_plistlib.py index b9c261310bb5670..d4543088f1f71d0 100644 --- a/Lib/test/test_plistlib.py +++ b/Lib/test/test_plistlib.py @@ -876,6 +876,12 @@ def test_invalidreal(self): self.assertRaises(ValueError, plistlib.loads, b"not real") + def test_invalidkey(self): + for xml in (b"x", + b'x', + b"x"): + self.assertRaises(ValueError, plistlib.loads, xml) + def test_integer_notations(self): pl = b"456" value = plistlib.loads(pl) diff --git a/Misc/NEWS.d/next/Library/2026-07-03-15-30-00.gh-issue-152959.Kx7Qm2.rst b/Misc/NEWS.d/next/Library/2026-07-03-15-30-00.gh-issue-152959.Kx7Qm2.rst new file mode 100644 index 000000000000000..9640eafa7a8aa33 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2026-07-03-15-30-00.gh-issue-152959.Kx7Qm2.rst @@ -0,0 +1,2 @@ +:mod:`plistlib` now raises :exc:`ValueError` for a ```` outside a +```` in an XML plist. Patch by tonghuaroot.