Author serhiy.storchaka
Recipients christian.heimes, martin.panter, python-dev, serhiy.storchaka, xdegaye, xiang.zhang, zach.ware
Date 2016-12-17.19:30:35
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1482003035.93.0.530686009876.issue28971@psf.upfronthosting.co.za>
In-reply-to
Content
If sender sends a lot of empty lines and file is not None, LF or CRLF is stripped from lines, and len(line) is 0. Every empty line increases the size of the lines list by 4 or 8 bytes. Since count is not changed, the loop is not bounded. Every LF byte sent by malicious sender increases memory consumption by 4 or 8 bytes.
History
Date User Action Args
2016-12-17 19:30:35serhiy.storchakasetrecipients: + serhiy.storchaka, christian.heimes, xdegaye, python-dev, martin.panter, zach.ware, xiang.zhang
2016-12-17 19:30:35serhiy.storchakasetmessageid: <1482003035.93.0.530686009876.issue28971@psf.upfronthosting.co.za>
2016-12-17 19:30:35serhiy.storchakalinkissue28971 messages
2016-12-17 19:30:35serhiy.storchakacreate