[issue13685] argparse does not sanitize help strings for % signs

2012-01-10 Thread Steven Bethard 

Steven Bethard  added the comment:

Eric's suggested doc fix looks good to me.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13685] argparse does not sanitize help strings for % signs

2012-01-06 Thread Terry J. Reedy 

Changes by Terry J. Reedy :


--
nosy: +bethard

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13685] argparse does not sanitize help strings for % signs

2012-01-03 Thread Jeff Yurkiw 

Jeff Yurkiw  added the comment:

That would probably work too.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13685] argparse does not sanitize help strings for % signs

2012-01-02 Thread Eric V. Smith 

Eric V. Smith  added the comment:

In case I wasn't clear, I mean that the help string supports %-formatting 
variable expansion, such as "%(default)s". I think it would be good if a 
sentence were added to the end of the "help" section, saying something like:

Because the help string supports %-formatting, if you want a literal "%" to 
appear in the help string, you must escape it as "%%".

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13685] argparse does not sanitize help strings for % signs

2011-12-30 Thread Eric V. Smith 

Eric V. Smith  added the comment:

This is because the help text support substitution, as mentioned here: 
http://docs.python.org/dev/library/argparse.html#help

It's possible this documentation could be improved.

--
assignee:  -> docs@python
components: +Documentation -None
nosy: +docs@python, eric.smith

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13685] argparse does not sanitize help strings for % signs

2011-12-30 Thread Jeff Yurkiw 

New submission from Jeff Yurkiw :

I discovered this while programming the command line interface for a python 
program that can take a passed argument and throw it into the 'where like' 
clause of a SQL expression (intended for a postgresql database).

The wildcard character for where-like statements is generally the percent sign, 
which is how I found this ("WHERE %s LIKE '%--value%')".

If you use any single '%' signs in an ArgumentParser.new_argument(help=)'s help 
description Python 3.2 will throw an error.

Workaround: You can avoid this issue by doubling up on all % signs that you 
want to display in your help text.

parser.add_argument(('--foo', action='store',help='%bar') throws an error.
parser.add_argument(('--foo', action='store',help='%%bar') displays '--foo FOO  
 %bar'.

Suggested fix:
When assigning help strings from add_argument(), throw them through a sanitizer 
and replace all occurrences of '%' with '%%' behind the scenes.

Example code (argparseBug.py):

from argparse import ArgumentParser

parser = ArgumentParser()
parser.add_argument('--foo', action='store', help='%bar')

args = parser.parse_args('-h'.split())

You get the following stacktrace:
Traceback (most recent call last):
  File "/path/to/script/argparseBug.py", line 6, in 
args = parser.parse_args('-h'.split())
  File "/usr/lib/python3.2/argparse.py", line 1701, in parse_args
args, argv = self.parse_known_args(args, namespace)
  File "/usr/lib/python3.2/argparse.py", line 1733, in parse_known_args
namespace, args = self._parse_known_args(args, namespace)
  File "/usr/lib/python3.2/argparse.py", line 1939, in _parse_known_args
start_index = consume_optional(start_index)
  File "/usr/lib/python3.2/argparse.py", line 1879, in consume_optional
take_action(action, args, option_string)
  File "/usr/lib/python3.2/argparse.py", line 1807, in take_action
action(self, namespace, argument_values, option_string)
  File "/usr/lib/python3.2/argparse.py", line 994, in __call__
parser.print_help()
  File "/usr/lib/python3.2/argparse.py", line 2331, in print_help
self._print_message(self.format_help(), file)
  File "/usr/lib/python3.2/argparse.py", line 2305, in format_help
return formatter.format_help()
  File "/usr/lib/python3.2/argparse.py", line 279, in format_help
help = self._root_section.format_help()
  File "/usr/lib/python3.2/argparse.py", line 209, in format_help
func(*args)
  File "/usr/lib/python3.2/argparse.py", line 209, in format_help
func(*args)
  File "/usr/lib/python3.2/argparse.py", line 515, in _format_action
help_text = self._expand_help(action)
  File "/usr/lib/python3.2/argparse.py", line 601, in _expand_help
return self._get_help_string(action) % params
ValueError: unsupported format character 'b' (0x62) at index 1

--
components: None
files: argparseBug.py
messages: 150404
nosy: Jeff.Yurkiw
priority: normal
severity: normal
status: open
title: argparse does not sanitize help strings for % signs
type: behavior
versions: Python 3.2
Added file: http://bugs.python.org/file24115/argparseBug.py

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com