Author christian.heimes
Recipients christian.heimes
Date 2012-09-25.10:32:54
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1348569175.14.0.867789583045.issue16038@psf.upfronthosting.co.za>
In-reply-to
Content
This bug is similar to #16037.

The ftplib module doesn't limit the amount of read data in its call to readline(). An erroneous or malicious FTP server can trick the ftplib module to consume large amounts of memory.

Suggestion:
The ftplib module should be modified to use limited readline() with _MAXLINE like the httplib module.
History
Date User Action Args
2012-09-25 10:32:55christian.heimessetrecipients: + christian.heimes
2012-09-25 10:32:55christian.heimessetmessageid: <1348569175.14.0.867789583045.issue16038@psf.upfronthosting.co.za>
2012-09-25 10:32:54christian.heimeslinkissue16038 messages
2012-09-25 10:32:54christian.heimescreate