Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to

prevent readline() calls from consuming too much memory.  Patch by Jyrki
Pulliainen.
Georg Brandl 2013-10-27 07:29:47 +01:00
parent 7e27abbb39
commit 28e78414f9
3 changed files with 24 additions and 1 deletions


@ -85,6 +85,13 @@ __all__ = ["NNTP",
"decode_header", "decode_header",
] ]
# maximal line length when calling readline(). This is to prevent
# reading arbitrary lenght lines. RFC 3977 limits NNTP line length to
# 512 characters, including CRLF. We have selected 2048 just to be on
# the safe side.
_MAXLINE = 2048
# Exceptions raised when an error or invalid response is received # Exceptions raised when an error or invalid response is received
class NNTPError(Exception): class NNTPError(Exception):
"""Base class for all nntplib exceptions""" """Base class for all nntplib exceptions"""
@ -424,7 +431,9 @@ class _NNTPBase:
"""Internal: return one line from the server, stripping _CRLF. """Internal: return one line from the server, stripping _CRLF.
Raise EOFError if the connection is closed. Raise EOFError if the connection is closed.
Returns a bytes object.""" Returns a bytes object."""
line = self.file.readline() line = self.file.readline(_MAXLINE +1)
if len(line) > _MAXLINE:
raise NNTPDataError('line too long')
if self.debugging > 1: if self.debugging > 1:
print('*get*', repr(line)) print('*get*', repr(line))
if not line: raise EOFError if not line: raise EOFError
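Review bot: Once `_getline` raises NNTPDataError on an over-long line, the unread remainder of that line is still sitting in `self.file` (readline was capped at `_MAXLINE + 1` bytes), so any further `_getline` call on this connection would start mid-line; the docstring should say so. Suggest extending it with `Raise NNTPDataError if the line exceeds _MAXLINE bytes; the connection should not be reused afterwards, since the rest of the line is left unread.` Also `readline(_MAXLINE +1)` should be spaced `readline(_MAXLINE + 1)`, and the comment added in the first hunk misspells "length" as "lenght". `_getline`'s body continues outside the hunk.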


@ -584,6 +584,11 @@ class NNTPv1Handler:
<a4929a40-6328-491a-aaaf-cb79ed7309a2@q2g2000vbk.googlegroups.com> <a4929a40-6328-491a-aaaf-cb79ed7309a2@q2g2000vbk.googlegroups.com>
<f30c0419-f549-4218-848f-d7d0131da931@y3g2000vbm.googlegroups.com> <f30c0419-f549-4218-848f-d7d0131da931@y3g2000vbm.googlegroups.com>
.""") .""")
elif (group == 'comp.lang.python' and
date_str in ('20100101', '100101') and
time_str == '090000'):
self.push_lit('too long line' * 3000 +
'\n.')
else: else:
self.push_lit("""\ self.push_lit("""\
230 An empty list of newsarticles follows 230 An empty list of newsarticles follows
@ -1179,6 +1184,11 @@ class NNTPv1v2TestsMixin:
self.assertEqual(cm.exception.response, self.assertEqual(cm.exception.response,
"435 Article not wanted") "435 Article not wanted")
def test_too_long_lines(self):
dt = datetime.datetime(2010, 1, 1, 9, 0, 0)
self.assertRaises(nntplib.NNTPDataError,
self.server.newnews, "comp.lang.python", dt)
class NNTPv1Tests(NNTPv1v2TestsMixin, MockedNNTPTestsMixin, unittest.TestCase): class NNTPv1Tests(NNTPv1v2TestsMixin, MockedNNTPTestsMixin, unittest.TestCase):
"""Tests an NNTP v1 server (no capabilities).""" """Tests an NNTP v1 server (no capabilities)."""
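Review bot: `test_too_long_lines` only covers the status-line path: the new `elif` branch in the mock emits the over-long line where the `else` branch emits the `230 ...` status line, so an over-long line inside a multi-line data block, after a normal status line, is not exercised even though it presumably flows through the same reader. A second case that pushes `230 An empty list of newsarticles follows` followed by the long line would cover it. The trigger is an unexplained magic datetime; add a comment above the `elif`, e.g. `# 2010-01-01 09:00:00 is the sentinel that makes the mock answer with an over-long line`, and give the test a docstring such as `"""An over-long response line raises NNTPDataError instead of being buffered (issue #16040)."""`. Both the `NNTPv1Handler` method and the mixin continue outside their hunks.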


@ -81,6 +81,10 @@ Core and Builtins
Library Library
------- -------
- Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to
prevent readline() calls from consuming too much memory. Patch by Jyrki
Pulliainen.
- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to - Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
prevent readline() calls from consuming too much memory. Patch by Jyrki prevent readline() calls from consuming too much memory. Patch by Jyrki
Pulliainen. Pulliainen.