Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to

prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
2025-12-10 11:00:14 +00:00 · 2013-10-27 07:29:47 +01:00 · 2013-10-27 07:29:47 +01:00 · 28e78414f9
commit 28e78414f9
parent 7e27abbb39
3 changed files with 24 additions and 1 deletions
--- a/Lib/nntplib.py
+++ b/Lib/nntplib.py
@ -85,6 +85,13 @@ __all__ = ["NNTP",
           "decode_header",
           ]

+# maximal line length when calling readline(). This is to prevent
+# reading arbitrary lenght lines. RFC 3977 limits NNTP line length to
+# 512 characters, including CRLF. We have selected 2048 just to be on
+# the safe side.
+_MAXLINE = 2048
+
+
 # Exceptions raised when an error or invalid response is received
 class NNTPError(Exception):
    """Base class for all nntplib exceptions"""
@ -424,7 +431,9 @@ class _NNTPBase:
        """Internal: return one line from the server, stripping _CRLF.
        Raise EOFError if the connection is closed.
        Returns a bytes object."""
-        line = self.file.readline()
+        line = self.file.readline(_MAXLINE +1)
+        if len(line) > _MAXLINE:
+            raise NNTPDataError('line too long')
        if self.debugging > 1:
            print('*get*', repr(line))
        if not line: raise EOFError