From 193eabe8c3b699249558a5ba69b2f394b45ec0c0 Mon Sep 17 00:00:00 2001 From: Andrew Donnellan Date: Mon, 3 Jul 2017 23:42:44 +1000 Subject: [PATCH 1/2] bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens Signed-off-by: Andrew Donnellan --- Lib/email/feedparser.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Lib/email/feedparser.py b/Lib/email/feedparser.py index 7c07ca86457a2aa..97d3f5144d606ff 100644 --- a/Lib/email/feedparser.py +++ b/Lib/email/feedparser.py @@ -320,7 +320,7 @@ def _parsegen(self): self._cur.set_payload(EMPTYSTRING.join(lines)) return # Make sure a valid content type was specified per RFC 2045:6.4. - if (self._cur.get('content-transfer-encoding', '8bit').lower() + if (str(self._cur.get('content-transfer-encoding', '8bit')).lower() not in ('7bit', '8bit', 'binary')): defect = errors.InvalidMultipartContentTransferEncodingDefect() self.policy.handle_defect(self._cur, defect) From f5f760c0b97f376f4bf38d1d53374de00cd5f53c Mon Sep 17 00:00:00 2001 From: Abhilash Raj Date: Mon, 27 May 2019 15:30:33 -0700 Subject: [PATCH 2/2] Add email and NEWS entry for the bugfix. --- Lib/test/test_email/test_email.py | 9 +++++++++ .../Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst | 3 +++ 2 files changed, 12 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst diff --git a/Lib/test/test_email/test_email.py b/Lib/test/test_email/test_email.py index f97ccc6711cc738..1438f4366dfd9b0 100644 --- a/Lib/test/test_email/test_email.py +++ b/Lib/test/test_email/test_email.py @@ -1469,6 +1469,15 @@ def test_mangled_from_with_bad_bytes(self): g.flatten(msg) self.assertEqual(b.getvalue(), source + b'>From R\xc3\xb6lli\n') + def test_mutltipart_with_bad_bytes_in_cte(self): + # bpo30835 + source = textwrap.dedent("""\ + From: aperson@example.com + Content-Type: multipart/mixed; boundary="1" + Content-Transfer-Encoding: \xc8 + """).encode('utf-8') + msg = email.message_from_bytes(source) + # Test the basic MIMEAudio class class TestMIMEAudio(unittest.TestCase): diff --git a/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst b/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst new file mode 100644 index 000000000000000..019321d6f1d722c --- /dev/null +++ b/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst @@ -0,0 +1,3 @@ +Fixed a bug in email parsing where a message with invalid bytes in +content-transfer-encoding of a multipart message can cause an AttributeError. +Patch by Andrew Donnellan.