Rietveld Code Review Tool

#28971: nntplib is broken when responses are longer than _MAXLINE

Created: 2 years, 11 months ago by xdegaye
Modified: 2 years, 11 months ago
Reviewers: storchaka+cpython, vadmium+py
CC: christian.heimes, mcepl, xdegaye, devnull_psf.upfronthosting.co.za, Martin Panter, Zach Ware, storchaka, xiang.zhang, mbussonn
Visibility: Public.

Patch Set 1 (total comments: 2)
Patch Set 2 (total comments: 12)
Patch Set 3
Patch Set 4 (total comments: 2)
Lib/nntplib.py: 8 chunks, +17 lines, -13 lines, 2 comments
Lib/test/test_nntplib.py: 3 chunks, +36 lines, -2 lines, 0 comments

Messages

Total messages: 8
storchaka
https://bugs.python.org/review/28971/diff/19466/Lib/nntplib.py File Lib/nntplib.py (right): https://bugs.python.org/review/28971/diff/19466/Lib/nntplib.py#newcode432 Lib/nntplib.py:432: line = self.file.readline() This invalidates the purpose of line ...
2 years, 11 months ago #1
storchaka
http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py File Lib/nntplib.py (right): http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py#newcode490 Lib/nntplib.py:490: count += len(line) What if sender sends a lot ...
2 years, 11 months ago #2
xdegaye
http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py File Lib/nntplib.py (right): http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py#newcode490 Lib/nntplib.py:490: count += len(line) On 2016/12/17 17:54:38, storchaka wrote: > ...
2 years, 11 months ago #3
Martin Panter
https://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py File Lib/nntplib.py (right): https://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py#newcode415 Lib/nntplib.py:415: raise NNTPPermanentError('The session is closed.') This exception normally indicates ...
2 years, 11 months ago #4
xdegaye
http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py File Lib/nntplib.py (right): http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py#newcode415 Lib/nntplib.py:415: raise NNTPPermanentError('The session is closed.') On 2016/12/18 04:30:58, vadmium ...
2 years, 11 months ago #5
Martin Panter
http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py File Lib/nntplib.py (right): http://bugs.python.org/review/28971/diff/19499/Lib/nntplib.py#newcode415 Lib/nntplib.py:415: raise NNTPPermanentError('The session is closed.') On 2016/12/19 11:08:16, xdegaye ...
2 years, 11 months ago #6
xdegaye
http://bugs.python.org/review/28971/diff/19556/Lib/nntplib.py File Lib/nntplib.py (right): http://bugs.python.org/review/28971/diff/19556/Lib/nntplib.py#newcode95 Lib/nntplib.py:95: # Enough for hundreds of message id's, each being ...
2 years, 11 months ago #7
xdegaye
2 years, 11 months ago #8
http://bugs.python.org/review/28971/diff/19556/Lib/nntplib.py
File Lib/nntplib.py (right):

http://bugs.python.org/review/28971/diff/19556/Lib/nntplib.py#newcode95
Lib/nntplib.py:95: # Enough for hundreds of message id's, each being hundreds of bytes
On 2016/12/24 18:45:29, xdegaye wrote:
> I think this value should not be based on an estimation of the maximum legal
> amount of bytes in a multi-line response because it is impossible to prove that
> the result of this estimation is correct. For example, with the nntp server used
> by test_nntplib:
>     >>> from nntplib import NNTP_SSL
>     >>> s = NNTP_SSL('nntp.aioe.org')
>     >>> list = s.list()
>     >>> len(list[1])
>     42795
> This is already now pretty close to 64000.
>
> Instead this (very large) value should be the limit that represents, for Python,
> a response from a malicious server.

42795 is actually the number of bytes received in multiple small lines.
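The thread distinguishes a cap on one line from a cap on the bytes of a whole multi-line response. The following added example shows a reader that enforces both; it is not code from the patch or from nntplib. `MAX_LINE`, `MAX_RESPONSE`, `ResponseTooLong`, `read_multiline` and `constructed_list_response` are hypothetical names, the limit values are illustrative assumptions, and the sample response is constructed.

```python
import io

MAX_LINE = 2048        # hypothetical cap on one line, in bytes
MAX_RESPONSE = 64000   # hypothetical cap on a whole response (figure quoted in the thread)


class ResponseTooLong(Exception):
    """Raised when a line or the whole response exceeds its cap."""


def read_multiline(stream, max_line=MAX_LINE, max_total=MAX_RESPONSE):
    """Read a dot-terminated multi-line response from a binary stream.

    Returns (lines, total_bytes). Both limits are checked on every line, so
    memory use is bounded before the terminator is seen.
    """
    lines, total = [], 0
    while True:
        # Request one byte more than the cap so an over-long line is detectable.
        raw = stream.readline(max_line + 1)
        if not raw:
            raise EOFError("stream closed before the terminating '.' line")
        if len(raw) > max_line:
            raise ResponseTooLong("line longer than %d bytes" % max_line)
        total += len(raw)
        if total > max_total:
            raise ResponseTooLong("response longer than %d bytes" % max_total)
        line = raw.rstrip(b"\r\n")
        if line == b".":
            return lines, total
        if line.startswith(b".."):
            line = line[1:]  # undo dot-stuffing
        lines.append(line)


def constructed_list_response(n):
    """Constructed sample: n short LIST-style lines plus the terminator."""
    body = b"".join(b"example.group.%04d 0000000100 0000000001 y\r\n" % i
                    for i in range(n))
    return body + b".\r\n"


if __name__ == "__main__":
    lines, total = read_multiline(io.BytesIO(constructed_list_response(1000)))
    print(len(lines), total)   # many short lines: only the total cap is relevant
```
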
