Skip to content

bpo-30835: email: Fix AttributeError when parsing invalid CTE#13598

Merged
warsaw merged 2 commits into
python:masterfrom
maxking:gh-2544
Jun 4, 2019
Merged

bpo-30835: email: Fix AttributeError when parsing invalid CTE#13598
warsaw merged 2 commits into
python:masterfrom
maxking:gh-2544

Conversation

@maxking

@maxking maxking commented May 27, 2019

Copy link
Copy Markdown
Contributor

This is basically #2544 along with a test and NEWS entry.

The bugfix + test was originally written by @adjlinux. I added the NEWS entry to get this merged since the orignial PR seems to be abandoned.

https://bugs.python.org/issue30835

ajdlinux and others added 2 commits July 3, 2017 23:49
…nsfer-Encoding

Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.

Cast the Content-Transfer-Encoding header to a str to avoid this.

Found using the AFL fuzzer.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>

@eamanu eamanu left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I test it on debian 9 and work ok

@brettcannon brettcannon added the type-bug An unexpected behavior, bug, or error label Jun 3, 2019
@warsaw warsaw merged commit aa79707 into python:master Jun 4, 2019
@miss-islington

Copy link
Copy Markdown
Contributor

Thanks @maxking for the PR, and @warsaw for merging it 🌮🎉.. I'm working now to backport this PR to: 3.6, 3.7.
🐍🍒⛏🤖

@bedevere-bot

Copy link
Copy Markdown

GH-13820 is a backport of this pull request to the 3.7 branch.

miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Jun 4, 2019
…GH-13598)

* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding

Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.

Cast the Content-Transfer-Encoding header to a str to avoid this.

Found using the AFL fuzzer.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>

* Add email and NEWS entry for the bugfix.
(cherry picked from commit aa79707)

Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Jun 4, 2019
…GH-13598)

* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding

Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.

Cast the Content-Transfer-Encoding header to a str to avoid this.

Found using the AFL fuzzer.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>

* Add email and NEWS entry for the bugfix.
(cherry picked from commit aa79707)

Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
@bedevere-bot

Copy link
Copy Markdown

GH-13821 is a backport of this pull request to the 3.6 branch.

miss-islington added a commit that referenced this pull request Jun 5, 2019
* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding

Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.

Cast the Content-Transfer-Encoding header to a str to avoid this.

Found using the AFL fuzzer.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>

* Add email and NEWS entry for the bugfix.
(cherry picked from commit aa79707)

Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
@bedevere-bot

Copy link
Copy Markdown

⚠️⚠️⚠️ Buildbot failure ⚠️⚠️⚠️

Hi! The buildbot x86 Gentoo Installed with X 3.7 has failed when building commit f62a372.

What do you need to do:

  1. Don't panic.
  2. Check the buildbot page in the devguide if you don't know what the buildbots are or how they work.
  3. Go to the page of the buildbot that failed (https://buildbot.python.org/all/#builders/108/builds/1135) and take a look at the build logs.
  4. Check if the failure is related to this commit (f62a372) or if it is a false positive.
  5. If the failure is related to this commit, please, reflect that on the issue and make a new Pull Request with a fix.

You can take a look at the buildbot page here:

https://buildbot.python.org/all/#builders/108/builds/1135

Click to see traceback logs
From https://github.com/python/cpython
 * branch                  3.7        -> FETCH_HEAD
Reset branch '3.7'

@maxking maxking deleted the gh-2544 branch June 5, 2019 15:38
@maxking

maxking commented Jun 5, 2019

Copy link
Copy Markdown
Contributor Author

I don't think this failure is related to the change addresses in this PR.

DinoV pushed a commit to DinoV/cpython that referenced this pull request Jan 14, 2020
…GH-13598)

* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding

Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.

Cast the Content-Transfer-Encoding header to a str to avoid this.

Found using the AFL fuzzer.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>

* Add email and NEWS entry for the bugfix.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

type-bug An unexpected behavior, bug, or error

Projects

None yet

Development

Successfully merging this pull request may close these issues.

9 participants