Commit Graph

268 Commits

Author SHA1 Message Date
Ivan Savin 1aa8bbe62f
bpo-40944: Fix IndexError when parse emails with truncated Message-ID, address, routes, etc (GH-20790)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2024-04-17 10:14:22 +00:00
Serhiy Storchaka aec1dac4ef
gh-117313: Fix re-folding email messages containing non-standard line separators (GH-117369)
Only treat '\n', '\r' and '\r\n' as line separators in re-folding the email
messages.  Preserve control characters '\v', '\f', '\x1c', '\x1d' and '\x1e'
and Unicode line separators '\x85', '\u2028' and '\u2029' as is.
2024-04-17 13:00:25 +03:00
Serhiy Storchaka f74e51229c
gh-86650: Fix IndexError when parse emails with invalid Message-ID (GH-117934)
In particularly, one-off addresses generated by Microsoft Outlook:
https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/one-off-addresses

Co-authored-by: fsc-eriker <72394365+fsc-eriker@users.noreply.github.com>
2024-04-17 10:44:41 +03:00
tsufeki 8cc9adbfdd
gh-75171: Fix parsing invalid email address headers starting or ending with a dot (GH-15600)
Co-authored-by: Tim Bell <timothybell@gmail.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2024-04-17 10:39:15 +03:00
Serhiy Storchaka f97f25ef5d
gh-76511: Fix email.Message.as_string() for non-ASCII message with ASCII charset (GH-116125) 2024-03-05 17:49:01 +02:00
Thomas Weißschuh 09fab93c3d
gh-100884: email/_header_value_parser: don't encode list separators (GH-100885)
ListSeparator should not be encoded. This could happen when a long line
pushes its separator to the next line, which would have been encoded.
2024-02-17 10:13:46 +00:00
Rito Takeuchi 504334c7be
gh-77749: Fix inconsistent behavior of non-ASCII handling in EmailPolicy.fold() (GH-6986)
It now always encodes non-ASCII characters in headers if utf8 is false.

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2024-01-26 15:19:41 +00:00
Pablo Galindo Salgado 29e2839cd6
gh-113027: Fix timezone check in test_variable_tzname in test_email (GH-113835)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2024-01-12 11:46:17 +01:00
Serhiy Storchaka e9d5b6ea2d
gh-113594: Fix UnicodeEncodeError in TokenList.fold() (GH-113730)
It occurred when try to re-encode an unknown-8bit part combined with non-unknown-8bit part.
2024-01-10 14:54:36 +02:00
Serhiy Storchaka 931d7e052e
gh-113027: Fix test_variable_tzname in test_email (#113821)
Determine the support of the Kyiv timezone by checking the result of
astimezone() which uses the system tz database and not the one
populated by zoneinfo.
2024-01-08 22:33:53 +00:00
Victor Stinner 4a153a1d3b
[CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (#111116)
Detect email address parsing errors and return empty tuple to
indicate the parsing error (old API). Add an optional 'strict'
parameter to getaddresses() and parseaddr() functions. Patch by
Thomas Dwyer.

Co-Authored-By: Thomas Dwyer <github@tomd.tel>
2023-12-15 16:10:40 +01:00
Sidney Markowitz 27a5fd8cb8
gh-94606: Fix error when message with Unicode surrogate not surrogateescaped string (GH-94641)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2023-12-11 18:21:18 +02:00
Jochen Sprickerhof 46407fe79c
gh-109017: Use non alternate name for Kyiv (GH-109251)
tzdata provides Kiev as an alternative to Kyiv:
https://sources.debian.org/src/tzdata/2023c-10/backward/?hl=314#L314

But Debian moved it to the tzdata-legacy package breaking the test:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050530

This patch switches to the name provided by tzdata.

Also check that the new name is actually available.
2023-10-24 20:11:51 +03:00
Jenner afa7b0d743
no-issue: Fix typo TestContentTyopeHeader to TestContentTypeHeader (gh-109069) 2023-09-19 18:50:35 +09:00
Serhiy Storchaka f3ba0a74cd
gh-108416: Mark slow test methods with @requires_resource('cpu') (GH-108421)
Only mark tests which spend significant system or user time,
by itself or in subprocesses.
2023-09-02 07:45:34 +03:00
Serhiy Storchaka d08d49dd09
Revert "Use non alternate name for Kyiv (GH-108533)" (GH-108649)
This reverts commit 7659128b9d.

It broke tests on the Debian and macOS buildbots.
2023-08-29 23:08:45 +03:00
Jochen Sprickerhof 7659128b9d
Use non alternate name for Kyiv (GH-108533)
tzdata provides Kiev as an alternative to Kyiv:

https://sources.debian.org/src/tzdata/2023c-10/backward/?hl=314#L314

But Debian moved it to the tzdata-legacy package breaking the test:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050530

This patch switches to the name provided by tzdata.
2023-08-29 18:00:43 +03:00
htsedebenham c65592c4d6
gh-106186: Don't report MultipartInvariantViolationDefect for valid multipart emails when parsing header only (#107016) 2023-07-23 12:25:18 +02:00
Gregory P. Smith a31dea1feb
gh-106669: Revert "gh-102988: Detect email address parsing errors ... (#105127)" (#106733)
This reverts commit 18dfbd0357.
Adds a regression test from the issue.

See https://github.com/python/cpython/issues/106669.
2023-07-20 20:30:52 -07:00
Thomas Dwyer 18dfbd0357
gh-102988: Detect email address parsing errors and return empty tuple to indicate the parsing error (old API) (#105127)
Detect email address parsing errors and return empty tuple to indicate the parsing error (old API). This fixes or at least ameliorates CVE-2023-27043.

---------

Co-authored-by: Gregory P. Smith <greg@krypto.org>
2023-07-10 23:00:55 +00:00
Nikita Sobolev 6e6a4cd523
gh-106300: Improve `assertRaises(Exception)` usages in tests (GH-106302) 2023-07-07 13:42:40 -07:00
Alan Williams 5e6661bce9
gh-72346: Added isdst deprecation warning to email.utils.localtime (GH-91450) 2023-03-19 19:20:20 -05:00
Serhiy Storchaka ea5ed0ba51
gh-95087: Fix IndexError in parsing invalid date in the email module (GH-95201)
Co-authored-by: wouter bolsterlee <wouter@bolsterl.ee>
2022-07-25 09:17:25 +03:00
Victor Stinner 3ceb4b8d3a
gh-84623: Remove unused imports in tests (#93772) 2022-06-13 16:56:03 +02:00
oda-gitso 71abeb0895
gh-93010: InvalidHeaderError used but nonexistent (#93015)
* fix issue 93010

Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
2022-05-23 09:10:18 -07:00
Serhiy Storchaka e91dee87ed
bpo-43323: Fix UnicodeEncodeError in the email module (GH-32137)
It was raised if the charset itself contains characters not encodable
in UTF-8 (in particular \udcxx characters representing non-decodable
bytes in the source).
2022-04-30 13:17:23 +03:00
Barry Warsaw 4403320727
Rewrite audio.py to jive with image.py (#91886)
Similar to the rewrite of email/mime/image.py and associated test after the
deprecation of imghdr.py, thisrewrites email/mime/audio.py and associated
tests after the deprecation of sndhdr.py.

Closes #91885
2022-04-24 15:50:07 -07:00
Barry Warsaw 1fcb39ea64
gh-91520: Rewrite imghdr inlining for clarity and completeness (#91521)
* Rewrite imghdr inlining for clarity and completeness

* Move MIMEImage class back closer to the top of the file since it's the
  important thing.
* Use a decorate to mark a given rule function and simplify the rule function
  names for clarity.
* Copy over all the imghdr test data files into the email package's test data
  directory.  This way when imghdr is actually removed, it won't affect the
  MIMEImage guessing tests.
* Rewrite and extend the MIMEImage tests to test for all supported
  auto-detected MIME image subtypes.
* Remove the now redundant PyBanner048.gif data file.

* See https://github.com/python/cpython/pull/91461#discussion_r850313336

Co-authored-by: Oleg Iarygin <dralife@yandex.ru>

Co-authored-by: Oleg Iarygin <dralife@yandex.ru>
2022-04-14 17:48:59 -07:00
Brett Cannon 3fc57e8f6f
gh-91217: deprecate imghdr (#91461)
* Deprecate imghdr

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>

* Update Doc/whatsnew/3.11.rst

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>

* Inline `imghdr` into `email.mime.image`

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
Co-authored-by: Barry Warsaw <barry@python.org>
2022-04-13 10:47:41 -07:00
Christian Heimes 2b16a08bc7
bpo-40280: Detect missing threading on WASM platforms (GH-32352)
Co-authored-by: Brett Cannon <brett@python.org>
2022-04-07 09:22:47 +02:00
Nikita Sobolev 6c83c8e6b5
bpo-46198: rename duplicate tests and remove unused code (GH-30297) 2022-03-10 08:20:11 -08:00
Manish Kumar ⛄ ba650af7d6
Optimize images by IMGbot (GH-21348)
Co-authored-by: ImgBotApp <ImgBotHelp@gmail.com>
2022-02-04 15:49:43 +09:00
180909 46c8d91571
bpo-19460: Add test for MIMENonMultipart (GH-29817) 2021-11-28 11:24:41 +02:00
Ben Hoyt b9e687618d
bpo-45239: Fix parsedate_tz when time has more than 2 dots in it (GH-28452)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2021-10-13 18:21:27 +02:00
Christian Clauss 745c9d9dfc
Fix typos in the Lib directory (GH-28775)
Fix typos in the Lib directory as identified by codespell.

Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
2021-10-06 16:13:48 -07:00
Serhiy Storchaka 851811f577
bpo-5846: Do not use obsolete unittest functions. (GH-28303)
Get rid of use of makeSuite() and findTestCases().
Also make test_math and test_threading_local discoverable.
2021-09-13 10:49:53 +03:00
wouter bolsterlee 989f6a3800
bpo-45001: Make email date parsing more robust against malformed input (GH-27946)
Various date parsing utilities in the email module, such as
email.utils.parsedate(), are supposed to gracefully handle invalid
input, typically by raising an appropriate exception or by returning
None.

The internal email._parseaddr._parsedate_tz() helper used by some of
these date parsing routines tries to be robust against malformed input,
but unfortunately it can still crash ungracefully when a non-empty but
whitespace-only input is passed. This manifests as an unexpected
IndexError.

In practice, this can happen when parsing an email with only a newline
inside a ‘Date:’ header, which unfortunately happens occasionally in the
real world.

Here's a minimal example:

    $ python
    Python 3.9.6 (default, Jun 30 2021, 10:22:16)
    [GCC 11.1.0] on linux
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import email.utils
    >>> email.utils.parsedate('foo')
    >>> email.utils.parsedate(' ')
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/lib/python3.9/email/_parseaddr.py", line 176, in parsedate
        t = parsedate_tz(data)
      File "/usr/lib/python3.9/email/_parseaddr.py", line 50, in parsedate_tz
        res = _parsedate_tz(data)
      File "/usr/lib/python3.9/email/_parseaddr.py", line 72, in _parsedate_tz
        if data[0].endswith(',') or data[0].lower() in _daynames:
    IndexError: list index out of range

The fix is rather straight-forward: guard against empty lists, after
splitting on whitespace, but before accessing the first element.
2021-08-26 16:49:03 +02:00
Johannes Reiff b33186bc43
bpo-41402: Fix email ContentManager calling .encode() on bytes (GH-21631) 2021-08-09 18:45:41 +02:00
andrei kulakov e3f877c32d
bpo-42892: fix email multipart attribute error (GH-26903) 2021-07-30 19:05:49 +02:00
Zackery Spytz 89f4c34797
bpo-27513: email.utils.getaddresses() now handles Header objects (#13797)
getaddresses() should be able to handle a Header object if passed
one.

Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2021-07-19 18:07:54 +02:00
Dong-hee Na 30f7a77f35
bpo-44395: Fix MIMEPart.as_string to pass unixfrom properly (GH-26685) 2021-06-21 22:59:02 +09:00
Inada Naoki de522a89e4
bpo-43651: PEP 597: Fix test_email (GH-25158) 2021-04-05 12:30:12 +09:00
Grégory Starck cf35e05f89
bpo-43125: Fix: return expected type (str), not original value (bytes) in email/base64mime.py::body_encode (GH-24476) 2021-03-30 17:37:37 +09:00
Georges Toth 303aac8c56
bpo-30681: Support invalid date format or value in email Date header (GH-22090)
I am re-submitting an older PR which was abandoned but is still relevant, #10783 by @timb07.

The issue being solved () is still relevant. The original PR #10783 was closed as
the final request changes were not applied and since abandoned.

In this new PR I have re-used the original patch plus applied both comments from the review, by @maxking and @pganssle.


For reference, here is the original PR description:
In email.utils.parsedate_to_datetime(), a failure to parse the date, or invalid date components (such as hour outside 0..23) raises an exception. Document this behaviour, and add tests to test_email/test_utils.py to confirm this behaviour.

In email.headerregistry.DateHeader.parse(), check when parsedate_to_datetime() raises an exception and add a new defect InvalidDateDefect; preserve the invalid value as the string value of the header, but set the datetime attribute to None.

Add tests to test_email/test_headerregistry.py to confirm this behaviour; also added test to test_email/test_inversion.py to confirm emails with such defective date headers round trip successfully.

This pull request incorporates feedback gratefully received from @bitdancer, @brettcannon, @Mariatta and @warsaw, and replaces the earlier PR #2254.

Automerge-Triggered-By: GH:warsaw
2020-10-26 17:31:06 -07:00
Mark Sapiro bf838227c3
bpo-27321 Fix email.generator.py to not replace a non-existent header. (GH-18074)
This PR replaces #1977. The reason for the replacement is two-fold.

The fix itself is different is that if the CTE header doesn't exist in the original message, it is inserted. This is important because the new CTE could be quoted-printable whereas the original is implicit 8bit.

Also the tests are different. The test_nonascii_as_string_without_cte test in #1977 doesn't actually test the issue in that it passes without the fix. The test_nonascii_as_string_without_content_type_and_cte test is improved here, and even though it doesn't fail without the fix, it is included for completeness.

Automerge-Triggered-By: @warsaw
2020-10-19 15:49:19 -07:00
Hai Shi 604bba1f8f
bpo-40275: Use new test.support helper submodules in tests (GH-21452) 2020-08-04 17:51:43 +02:00
Mark Sapiro 4fa61a7732
bpo-40597: Allow email.contextmanager set_content() to set a null string. (GH-20542) 2020-07-08 14:00:35 -07:00
Abhilash Raj 21017ed904
bpo-39040: Fix parsing of email mime headers with whitespace between encoded-words. (gh-17620)
* bpo-39040: Fix parsing of email headers with encoded-words inside a quoted string.

It is fairly common to find malformed mime headers (especially content-disposition
headers) where the parameter values, instead of being encoded to RFC
standards, are "encoded" by doing RFC 2047 "encoded word" encoding, and
then enclosing the whole thing in quotes.  The processing of these malformed
headers was incorrectly leaving the spaces between encoded words in the decoded
text (whitespace between adjacent encoded words is supposed to be stripped on
decoding).  This changeset fixes the encoded word processing inside quoted strings
(bare-quoted-string) to do correct RFC 2047 decoding by stripping that
whitespace.
2020-05-28 20:04:59 -04:00
Hai Shi e80697d687
bpo-40275: Adding threading_helper submodule in test.support (GH-20263) 2020-05-28 00:10:27 +02:00
Arkadiusz Hiler 6f2f475d5a
bpo-40597: email: Use CTE if lines are longer than max_line_length consistently (gh-20038)
raw_data_manager (default for EmailPolicy, EmailMessage)
does correct wrapping of 'text' parts as long as the message contains
characters outside of 7bit US-ASCII set: base64 or qp
Content-Transfer-Encoding is applied if the lines would be too long
without it.  It did not, however, do this for ascii-only text,
which could result in lines that were longer than
policy.max_line_length or even the rfc 998  maximum.

This changeset fixes the heuristic so that if lines are longer than
policy.max_line_length, it will always apply a
content-transfer-encoding so that the lines are wrapped correctly.
2020-05-13 20:53:26 -04:00