I found a bug in my patch. Following code

from email.parser import Parser
BLOCKSIZE = 8192
s = 'From: <e@example.com>\nFoo: '
s += 'x' * ((-len(s) - 1) % BLOCKSIZE) + '\rBar: '
s += 'y' * ((-len(s) - 1) % BLOCKSIZE) + '\x85Baz: '
s += 'z' * ((-len(s) - 1) % BLOCKSIZE) + '\n\n'
print(Parser().parsestr(s).keys())

outputs ['From', 'Foo', 'Bar', 'Baz'] on current code and ['From', 'Foo', 'Bar'] with my patch. Neither current code, nor Reimonds patch are not affected by similar bugs. It is possible to fix my patch, but then it will become too complicated and slower.

I have one doubt about one special case with Raymond's patch, but looking at current code on highter level, this doesn't matter. Current code in FeedParser in any case is not very efficient and smoothes out any implementation details in BufferedSubFile. That is why fix_prepending2.diff has no visible effect on email parsing.

I'll provided additional tests which cover current issue and a bug in my patch.

> That is, it sounds like you are saying there is a pre-existing bug that we may want to address?  In which case it should presumably be a separate issue.

I can't create an example. May be higher level code is tolerant to it. I'll created separate issue if found an example.

> Should this be categorized as a security issue?

Yes, but not very important. You need send tens or hundreds of megabytes to hang a server more than a second.