Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit

line length. Patch by Emil Lind.
2025-08-31 05:58:33 +00:00 · 2013-10-27 06:52:14 +01:00 · 2013-10-27 06:52:14 +01:00 · ca580f4ec1
commit ca580f4ec1
parent 246eb11058
3 changed files with 31 additions and 4 deletions
--- a/Lib/test/test_imaplib.py
+++ b/Lib/test/test_imaplib.py
@ -325,6 +325,17 @@ class BaseThreadedNetworkedTests(unittest.TestCase):
            self.assertEqual(ret, "OK")


+    def test_linetoolong(self):
+        class TooLongHandler(SimpleIMAPHandler):
+            def handle(self):
+                # Send a very long response line
+                self.wfile.write(b'* OK ' + imaplib._MAXLINE*b'x' + b'\r\n')
+
+        with self.reaped_server(TooLongHandler) as server:
+            self.assertRaises(imaplib.IMAP4.error,
+                              self.imap_class, *server.server_address)
+
+
 class ThreadedNetworkedTests(BaseThreadedNetworkedTests):

    server_class = socketserver.TCPServer