bpo-30835: email: Fix AttributeError when parsing invalid CTE#13598
Merged
Conversation
…nsfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>
eamanu
reviewed
May 28, 2019
eamanu
left a comment
Contributor
There was a problem hiding this comment.
LGTM. I test it on debian 9 and work ok
auvipy
approved these changes
May 31, 2019
Contributor
|
GH-13820 is a backport of this pull request to the 3.7 branch. |
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Jun 4, 2019
…GH-13598) * bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au> * Add email and NEWS entry for the bugfix. (cherry picked from commit aa79707) Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Jun 4, 2019
…GH-13598) * bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au> * Add email and NEWS entry for the bugfix. (cherry picked from commit aa79707) Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
|
GH-13821 is a backport of this pull request to the 3.6 branch. |
miss-islington
added a commit
that referenced
this pull request
Jun 5, 2019
* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au> * Add email and NEWS entry for the bugfix. (cherry picked from commit aa79707) Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
|
Contributor
Author
|
I don't think this failure is related to the change addresses in this PR. |
DinoV
pushed a commit
to DinoV/cpython
that referenced
this pull request
Jan 14, 2020
…GH-13598) * bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au> * Add email and NEWS entry for the bugfix.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is basically #2544 along with a test and NEWS entry.
The bugfix + test was originally written by @adjlinux. I added the NEWS entry to get this merged since the orignial PR seems to be abandoned.
https://bugs.python.org/issue30835