Message171243
This bug is similar to #16037 and a modified copy of #16038.
The nntplib module doesn't limit the amount of read data in its call to readline(). An erroneous or malicious news server can trick the nntplib module to consume large amounts of memory.
Suggestion:
The nntplib module should be modified to use limited readline() with _MAXLINE like the httplib module. |
|
Date |
User |
Action |
Args |
2012-09-25 10:38:45 | christian.heimes | set | recipients:
+ christian.heimes |
2012-09-25 10:38:45 | christian.heimes | set | messageid: <1348569525.38.0.219080768405.issue16040@psf.upfronthosting.co.za> |
2012-09-25 10:38:44 | christian.heimes | link | issue16040 messages |
2012-09-25 10:38:44 | christian.heimes | create | |
|