Skip to main content

Browse the archive

Staging
v0.5.1
https://github.com/python/cpython
09 December 2020, 11:06:31 UTC
Revision 1789bbdd3e03023951a39933ef12dee0a03be616 authored by Miss Islington (bot) on 01 August 2019, 16:36:46 UTC, committed by Ned Deily on 01 August 2019, 16:36:46 UTC 
bpo-37461: Fix infinite loop in parsing of specially crafted email headers (GH-14794) (GH-14817)
 
Some crafted email header would cause the get_parameter method to run in an
infinite loop causing a DoS attack surface when parsing those headers. This
patch fixes that by making sure the DQUOTE character is handled to prevent
going into an infinite loop.
(cherry picked from commit a4a994bd3e619cbaff97610a1cee8ffa87c672f5)

Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
1 parent 79a47e2
Raw File
Tip revision: 1789bbdd3e03023951a39933ef12dee0a03be616 authored by Miss Islington (bot) on 01 August 2019, 16:36:46 UTC
bpo-37461: Fix infinite loop in parsing of specially crafted email headers (GH-14794) (GH-14817)
Tip revision: 1789bbd
ci.yml 
variables:
  manylinux: false
  coverage: false

jobs:
- job: Prebuild
  displayName: Pre-build checks

  pool:
    vmImage: ubuntu-16.04

  steps:
  - template: ./prebuild-checks.yml


- job: Docs_PR
  displayName: Docs PR
  dependsOn: Prebuild
  condition: and(succeeded(), eq(dependencies.Prebuild.outputs['docs.run'], 'true'))

  pool:
    vmImage: ubuntu-16.04

  steps:
  - template: ./docs-steps.yml
    parameters:
      upload: true


- job: macOS_CI_Tests
  displayName: macOS CI Tests
  dependsOn: Prebuild
  condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))

  variables:
    testRunTitle: '$(build.sourceBranchName)-macos'
    testRunPlatform: macos

  pool:
    vmImage: xcode9-macos10.13

  steps:
  - template: ./macos-steps.yml


- job: Ubuntu_CI_Tests
  displayName: Ubuntu CI Tests
  dependsOn: Prebuild
  condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))

  pool:
    vmImage: ubuntu-16.04

  variables:
    testRunTitle: '$(build.sourceBranchName)-linux'
    testRunPlatform: linux
    openssl_version: 1.1.0g

  steps:
  - template: ./posix-steps.yml


- job: ManyLinux1_CI_Tests
  displayName: ManyLinux1 CI Tests
  dependsOn: Prebuild
  condition: |
    and(
        and(
            succeeded(),
            eq(variables['manylinux'], 'true')
        ),
        eq(dependencies.Prebuild.outputs['tests.run'], 'true')
    )

  pool:
    vmImage: ubuntu-16.04

  variables:
    testRunTitle: '$(build.sourceBranchName)-manylinux1'
    testRunPlatform: manylinux1
    imageName: 'dockcross/manylinux-x64'

  steps:
  - template: ./docker-steps.yml


- job: Ubuntu_Coverage_CI_Tests
  displayName: Ubuntu CI Tests (coverage)
  dependsOn: Prebuild
  condition: |
    and(
        and(
            succeeded(),
            eq(variables['coverage'], 'true')
        ),
        eq(dependencies.Prebuild.outputs['tests.run'], 'true')
    )

  pool:
    vmImage: ubuntu-16.04

  variables:
    testRunTitle: '$(Build.SourceBranchName)-linux-coverage'
    testRunPlatform: linux-coverage
    openssl_version: 1.1.0g

  steps:
  - template: ./posix-steps.yml
    parameters:
      coverage: true


- job: Windows_CI_Tests
  displayName: Windows CI Tests
  dependsOn: Prebuild
  condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))

  pool:
    vmImage: vs2017-win2016

  strategy:
    matrix:
      win32:
        arch: win32
        buildOpt:
        testRunTitle: '$(Build.SourceBranchName)-win32'
        testRunPlatform: win32
      win64:
        arch: amd64
        buildOpt: '-p x64'
        testRunTitle: '$(Build.SourceBranchName)-win64'
        testRunPlatform: win64
    maxParallel: 2

  steps:
  - template: ./windows-steps.yml
back to top