cpython: 0f362676460d (original) (raw)

Mercurial > cpython

changeset 92662:0f362676460d 3.2

Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by limiting the call to readline(). Original patch by Christian Heimes. [#16042]

line wrap: on

line diff

--- a/Lib/smtplib.py +++ b/Lib/smtplib.py @@ -62,6 +62,7 @@ SMTP_PORT = 25 SMTP_SSL_PORT = 465 CRLF = "\r\n" bCRLF = b"\r\n" +_MAXLINE = 8192 # more than 8 times larger than RFC 821, 4.5.3 OLDSTYLE_AUTH = re.compile(r"auth=(.*)", re.I) @@ -363,7 +364,7 @@ class SMTP: self.file = self.sock.makefile('rb') while 1: try:

•            line = self.file.readline()[](#l1.15)

•            line = self.file.readline(_MAXLINE + 1)[](#l1.16)
         except socket.error as e:[](#l1.17)
             self.close()[](#l1.18)
             raise SMTPServerDisconnected("Connection unexpectedly closed: "[](#l1.19)

@@ -373,6 +374,8 @@ class SMTP: raise SMTPServerDisconnected("Connection unexpectedly closed") if self.debuglevel > 0: print('reply:', repr(line), file=stderr)

•        if len(line) > _MAXLINE:[](#l1.24)

•            raise SMTPResponseException(500, "Line too long.")[](#l1.25)
         resp.append(line[4:].strip(b' \t\r\n'))[](#l1.26)
         code = line[:3][](#l1.27)
         # Check that the error code is syntactically correct.[](#l1.28)

--- a/Lib/test/mock_socket.py +++ b/Lib/test/mock_socket.py @@ -21,8 +21,13 @@ class MockFile: """ def init(self, lines): self.lines = lines

• def readline(self):

•    return self.lines.pop(0) + b'\r\n'[](#l2.8)

• def readline(self, limit=-1):

•    result = self.lines.pop(0) + b'\r\n'[](#l2.10)

•    if limit >= 0:[](#l2.11)

•        # Re-insert the line, removing the \r\n we added.[](#l2.12)

•        self.lines.insert(0, result[limit:-2])[](#l2.13)

•        result = result[:limit][](#l2.14)

•    return result[](#l2.15)

  def close(self): pass

--- a/Lib/test/test_smtplib.py +++ b/Lib/test/test_smtplib.py @@ -537,6 +537,33 @@ class BadHELOServerTests(unittest.TestCa HOST, self.port, 'localhost', 3) +@unittest.skipUnless(threading, 'Threading required for this test.') +class TooLongLineTests(unittest.TestCase):

• respdata = b'250 OK' + (b'.' * smtplib._MAXLINE * 2) + b'\n'

+

• def setUp(self):

•    self.old_stdout = sys.stdout[](#l3.12)

•    self.output = io.StringIO()[](#l3.13)

•    sys.stdout = self.output[](#l3.14)

+

•    self.evt = threading.Event()[](#l3.16)

•    self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)[](#l3.17)

•    self.sock.settimeout(15)[](#l3.18)

•    self.port = support.bind_port(self.sock)[](#l3.19)

•    servargs = (self.evt, self.respdata, self.sock)[](#l3.20)

•    threading.Thread(target=server, args=servargs).start()[](#l3.21)

•    self.evt.wait()[](#l3.22)

•    self.evt.clear()[](#l3.23)

+

• def tearDown(self):

•    self.evt.wait()[](#l3.26)

•    sys.stdout = self.old_stdout[](#l3.27)

+

• def testLineTooLong(self):

•    self.assertRaises(smtplib.SMTPResponseException, smtplib.SMTP,[](#l3.30)

•                      HOST, self.port, 'localhost', 3)[](#l3.31)

+ + sim_users = {'Mr.A@somewhere.com':'John A', 'Ms.B@xn--fo-fka.com':'Sally B', 'Mrs.C@somewhereesle.com':'Ruth C', @@ -826,7 +853,8 @@ class SMTPSimTests(unittest.TestCase): def test_main(verbose=None): support.run_unittest(GeneralTests, DebuggingServerTests, NonConnectingTests,

•                          BadHELOServerTests, SMTPSimTests)[](#l3.41)

•                          BadHELOServerTests, SMTPSimTests,[](#l3.42)

•                          TooLongLineTests)[](#l3.43)

if name == 'main': test_main()

--- a/Misc/NEWS +++ b/Misc/NEWS @@ -10,6 +10,9 @@ What's New in Python 3.2.6? Library ------- +- Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by

• limiting the call to readline(). Original patch by Christian Heimes. +

• Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola.