-
Type:
Bug
-
Status: Closed
-
Priority:
Trivial - P5
-
Resolution: Fixed
-
Affects Version/s: 2.0.1
-
Fix Version/s: 2.1
-
Component/s: None
-
Labels:None
-
# Replies:2
-
Last comment by Customer:true
Error-reporting code in Database.command does not sanitize the string representation of the outgoing command object in the error message.
This code will raise a ValueError from the failed format rather than an OperationFailure:
import pymongo
c = pymongo.Connection()
db = c.test
db.command("%")
This is the offending code, found on line 338 in database.py:
msg = "command %r failed: %%s" % command
Replacing this line with the following line will fix the bug:
msg = "command %s failed: %%s" % repr(command).replace("%", "%%")