blob: f4bd84d831d5ccfe3a2e6d0719647adcf85d271c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
Upstream-Status: Backport
CVE-2013-1752: Change use of readline in imaplib module to limit line length. Patch by Emil Lind.
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
diff -r ce583eb0bec2 Lib/imaplib.py
--- a/Lib/imaplib.py Thu Feb 21 20:17:54 2013 +0200
+++ b/Lib/imaplib.py Tue Feb 26 22:36:52 2013 +0100
@@ -35,6 +35,15 @@
IMAP4_SSL_PORT = 993
AllowedVersions = ('IMAP4REV1', 'IMAP4') # Most recent first
+# Maximal line length when calling readline(). This is to prevent
+# reading arbitrary length lines. RFC 3501 and 2060 (IMAP 4rev1)
+# don't specify a line length. RFC 2683 however suggests limiting client
+# command lines to 1000 octets and server command lines to 8000 octets.
+# We have selected 10000 for some extra margin and since that is supposedly
+# also what UW and Panda IMAP does.
+_MAXLINE = 10000
+
+
# Commands
Commands = {
@@ -237,7 +246,10 @@
def readline(self):
"""Read line from remote."""
- return self.file.readline()
+ line = self.file.readline(_MAXLINE + 1)
+ if len(line) > _MAXLINE:
+ raise self.error("got more than %d bytes" % _MAXLINE)
+ return line
def send(self, data):
|
