bpo-37461: Fix infinite loop in parsing of specially crafted email headers (GH-14794)
* bpo-37461: Fix infinite loop in parsing of specially crafted email headers. Some crafted email header would cause the get_parameter method to run in an infinite loop causing a DoS attack surface when parsing those headers. This patch fixes that by making sure the DQUOTE character is handled to prevent going into an infinite loop.
This commit is contained in:
parent
82494aa6d9
commit
a4a994bd3e
|
@ -2496,6 +2496,9 @@ def get_parameter(value):
|
|||
while value:
|
||||
if value[0] in WSP:
|
||||
token, value = get_fws(value)
|
||||
elif value[0] == '"':
|
||||
token = ValueTerminal('"', 'DQUOTE')
|
||||
value = value[1:]
|
||||
else:
|
||||
token, value = get_qcontent(value)
|
||||
v.append(token)
|
||||
|
|
|
@ -2710,6 +2710,13 @@ class Test_parse_mime_parameters(TestParserMixin, TestEmailBase):
|
|||
# Defects are apparent missing *0*, and two 'out of sequence'.
|
||||
[errors.InvalidHeaderDefect]*3),
|
||||
|
||||
# bpo-37461: Check that we don't go into an infinite loop.
|
||||
'extra_dquote': (
|
||||
'r*="\'a\'\\"',
|
||||
' r="\\""',
|
||||
'r*=\'a\'"',
|
||||
[('r', '"')],
|
||||
[errors.InvalidHeaderDefect]*2),
|
||||
}
|
||||
|
||||
@parameterize
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
Fix an inifite loop when parsing specially crafted email headers. Patch by
|
||||
Abhilash Raj.
|
Loading…
Reference in New Issue