pip-audit icon indicating copy to clipboard operation
pip-audit copied to clipboard

Published 20 hours ago verified publisher icon pypa

Subprocess: fix stream handling

Open woodruffw opened this issue 2 years ago • 2 comments

#572 provides a temporary fix by doing codepoint substitution, but #573 demonstrates that our underlying poll/buffering technique is unsound: our buffering might split a unicode sequence, resulting in invalid encodings in an otherwise valid stream.

Rather than performing the poll-buffer loop ourselves, we should probably use Popen.communicate().

woodruffw avatar Mar 23 '23 19:03 woodruffw

Tagging @tetsuo-cpp for triage, feel free to reassign 🙂

woodruffw avatar Mar 23 '23 19:03 woodruffw

@jleightcap This one would be also be good if you have time.

tetsuo-cpp avatar Mar 23 '23 23:03 tetsuo-cpp