fix: added a fingers-crossed handling for failed input data decoding
Signed-off-by: Jan Kowalleck <[email protected]>
jkowalleck committed Nov 3, 2023
1 parent 46cd517 commit 311491d
Showing 4 changed files with 35 additions and 5 deletions.
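--- a/cyclonedx_py/client.py
+++ b/cyclonedx_py/client.py
@@ -290,10 +290,14 @@ def _get_input_parser(self) -> BaseParser:
 with input_data_fh:
 input_data = input_data_fh.read()
 if isinstance(input_data, bytes):
-input_encoding = (chardetect(input_data)['encoding'] or '').replace(
-# replace Windows-encoding with code-page
-'Windows-', 'cp')
-input_data = input_data.decode(input_encoding)
+try:
+input_encoding = (chardetect(input_data)['encoding'] or sys.getdefaultencoding()).replace(
+# replace Windows-encoding with code-page
+'Windows-', 'cp')
+input_data = input_data.decode(input_encoding)
+except ValueError:
+# last resort: try utf8 and hope for the best
+input_data = input_data.decode('utf-8', 'backslashreplace')
 input_data_fh.close()
 
 if self._arguments.input_from_conda_explicit: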
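Review bot: The `except ValueError:` fallback does not cover an encoding name that Python has no codec for: `bytes.decode()` raises `LookupError` in that case, which is not a `ValueError`, so a chardet result outside Python's codec table still aborts instead of reaching the UTF-8 last resort; `except (ValueError, LookupError):` would cover both. The fallback is also silent: with `'backslashreplace'` the undecodable bytes are rewritten as `\xNN` escapes, so a component name or version that contained them ends up in the generated BOM in altered form with nothing telling the user the input was not decoded cleanly, and a warning on that branch would help anyone who later matches the BOM against the real packages. `_get_input_parser` starts and ends outside the hunk, and `sys` is presumably imported at the top of the file, which the hunk does not show.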
2 changes: 1 addition & 1 deletion cyclonedx_py/parser/poetry.py
Expand Up @@ -87,7 +87,7 @@ def __init__(
debug_message: DebugMessageCallback = quiet
) -> None:
debug_message('open file: {}', poetry_lock_filename)
with open(poetry_lock_filename) as plf:
with open(poetry_lock_filename, errors='backslashreplace') as plf:
super(PoetryFileParser, self).__init__(
poetry_lock_contents=plf.read(), use_purl_bom_ref=use_purl_bom_ref,
debug_message=debug_message
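Review bot: `open(poetry_lock_filename, errors='backslashreplace')` still decodes with the platform's locale encoding because no `encoding=` is passed, while poetry.lock is TOML and TOML is defined as UTF-8. On a non-UTF-8 locale the multi-byte characters are therefore turned into escapes or mojibake instead of being read correctly, and that text goes straight into `poetry_lock_contents` with no message. I would write `with open(poetry_lock_filename, encoding='utf-8', errors='backslashreplace') as plf:` so that the error handler only applies to genuinely broken bytes. `__init__` starts and ends outside the hunk.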
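--- /dev/null
+++ b/tests/fixtures/poetry-lock-regression-issue611.txt.bin
@@ -0,0 +1,17 @@
+# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
+
+[[package]]
+name = "pyhumps"
+version = "3.7.1"
+description = "🐫 Convert strings (and dictionary keys) between snake case, camel case and pascal case in Python. Inspired by Humps for Node"
+optional = false
+python-versions = "*"
+files = [
+{file = "pyhumps-3.7.1-py3-none-any.whl", hash = "sha256:c6f2d833f2c7afae039d71b7dc0aba5412ae5b8c8c33d4a208c1d412de17229e"},
+{file = "pyhumps-3.7.1.tar.gz", hash = "sha256:5616f0afdbc73ef479fa9999f4abdcb336a0232707ff1a0b86e29fc9339e18da"},
+]
+
+[metadata]
+lock-version = "2.0"
+python-versions = "^3.11"
+content-hash = "e9676d347231afe6a46e027d88442e90348436b55346267e68a37e340c5f8f6f"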
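--- a/tests/test_parser_poetry.py
+++ b/tests/test_parser_poetry.py
@@ -53,3 +53,12 @@ def test_simple_purl_bom_ref(self, lock_file_name: str) -> None:
 self.assertEqual(component.purl.to_string(), component.bom_ref.value)
 self.assertEqual('0.10.2', component.version)
 self.assertEqual(2, len(component.external_references), f'{component.external_references}')
+
+def test_regression_issue611(self) -> None:
+# see https://github.com/CycloneDX/cyclonedx-python/issues/611
+lock_file_name = 'poetry-lock-regression-issue611.txt.bin'
+poetry_lock_filename = os.path.join(os.path.dirname(__file__), 'fixtures', lock_file_name)
+parser = PoetryFileParser(poetry_lock_filename=poetry_lock_filename, use_purl_bom_ref=True)
+self.assertEqual(1, parser.component_count())
+component = next(filter(lambda c: c.name == 'pyhumps', parser.get_components()), None)
+self.assertEqual('pyhumps', component.name)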
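Review bot: `test_regression_issue611` does not pin the behaviour the fix introduces: the component is selected with `c.name == 'pyhumps'` and then asserted to have that same name, and if nothing matches, `component` is `None` and the test errors with an `AttributeError` rather than failing an assertion. Adding `self.assertIsNotNone(component)` and `self.assertEqual('3.7.1', component.version)` would check that the entry was actually parsed from the fixture. Nothing in this commit exercises the new `except` branch in `cyclonedx_py/client.py`, so that fallback is untested as far as this page shows.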
