Revision - 1789bbd - bpo-37461: Fix infinite loop in parsing of specially crafted [...]

Staging
v0.8.1

Revision 1789bbdd3e03023951a39933ef12dee0a03be616 authored by Miss Islington (bot) on 01 August 2019, 16:36:46 UTC, committed by Ned Deily on 01 August 2019, 16:36:46 UTC

bpo-37461: Fix infinite loop in parsing of specially crafted email headers (GH-14794) (GH-14817)

Some crafted email header would cause the get_parameter method to run in an
infinite loop causing a DoS attack surface when parsing those headers. This
patch fixes that by making sure the DQUOTE character is handled to prevent
going into an infinite loop.
(cherry picked from commit a4a994bd3e619cbaff97610a1cee8ffa87c672f5)

Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>

1 parent 79a47e2

Files
Changes

Permalinks

.bzrignore

.purify
autom4te.cache
config.log
config.cache
config.status
config.status.lineno
db_home
Makefile
buildno
python
build
Makefile.pre
platform
pybuilddir.txt
pyconfig.h
libpython*.a
libpython*.so*
python.exe
python-gdb.py
reflog.txt
tags
TAGS
.gdb_history
Doc/tools/sphinx
Doc/tools/jinja
Doc/tools/jinja2
Doc/tools/pygments
Doc/tools/docutils
Misc/python.pc
Modules/Setup
Modules/Setup.config
Modules/Setup.local
Modules/config.c
Modules/ld_so_aix
Parser/pgen
Lib/test/data/*
Lib/lib2to3/Grammar*.pickle
Lib/lib2to3/PatternGrammar*.pickle
__pycache__
.coverage
coverage/*
htmlcov/*

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...