From bd0552012a8f1d4082fec8602dab61f649ec461e Mon Sep 17 00:00:00 2001 From: neuralbroker Date: Sun, 7 Jun 2026 16:34:41 -0800 Subject: [PATCH] Fix potential KeyError in raise_dropbox_error_for_resp and replace eval() in setup.py 1. Fix potential KeyError in raise_dropbox_error_for_resp() - use .get('error') instead of ['error'] to avoid KeyError when JSON doesn't contain the error key. Also catch AttributeError alongside ValueError. 2. Replace eval() with safe string parsing in setup.py --- dropbox/dropbox_client.py | 5 +++-- setup.py | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/dropbox/dropbox_client.py b/dropbox/dropbox_client.py index 3ddf8243..37de7de5 100644 --- a/dropbox/dropbox_client.py +++ b/dropbox/dropbox_client.py @@ -620,14 +620,15 @@ def raise_dropbox_error_for_resp(self, res): raise InternalServerError(request_id, res.status_code, res.text) elif res.status_code == 400: try: - if res.json()['error'] == 'invalid_grant': + error_val = res.json().get('error') + if error_val == 'invalid_grant': request_id = res.headers.get('x-dropbox-request-id') err = stone_serializers.json_compat_obj_decode( AuthError_validator, 'invalid_access_token') raise AuthError(request_id, err) else: raise BadInputError(request_id, res.text) - except ValueError: + except (ValueError, AttributeError): raise BadInputError(request_id, res.text) elif res.status_code == 401: assert res.headers.get('content-type') == 'application/json', ( diff --git a/setup.py b/setup.py index d165cdd3..803f0bd6 100644 --- a/setup.py +++ b/setup.py @@ -12,7 +12,7 @@ for line in open(dbx_mod_path): if line.startswith('__version__'): break -version = eval(line.split('=', 1)[1].strip()) # pylint: disable=eval-used +version = line.split('=', 1)[1].strip().strip('\'"') install_reqs = [ 'requests>=2.16.2',