Message 224894 - Python tracker

Message224894

Author	rhettinger
Recipients	barry, christian.heimes, jader.fabiano, pitrou, r.david.murray, rhettinger, serhiy.storchaka, tshepang
Date	2014-08-06.01:25:58
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1407288359.48.0.741340873957.issue21448@psf.upfronthosting.co.za>
In-reply-to

Content
> Should this be categorized as a security issue? > You could easily DoS a server with that > (email.parser is used by http.client to parse HTTP > headers, it seems). I think it makes sense to treat this as a security issue. I don't have a preference about whether to use Serhiy's email_parser_long_lines.patch or my fix_email_parse2.diff but we should include the extra tests in test_parser.diff.

Content

> Should this be categorized as a security issue? 
> You could easily DoS a server with that 
> (email.parser is used by http.client to parse HTTP 
> headers, it seems).

I think it makes sense to treat this as a security issue.

I don't have a preference about whether to use Serhiy's email_parser_long_lines.patch or my fix_email_parse2.diff
but we should include the extra tests in test_parser.diff.

History
Date	User	Action	Args
2014-08-06 01:25:59	rhettinger	set	recipients: + rhettinger, barry, pitrou, christian.heimes, r.david.murray, tshepang, serhiy.storchaka, jader.fabiano
2014-08-06 01:25:59	rhettinger	set	messageid: <1407288359.48.0.741340873957.issue21448@psf.upfronthosting.co.za>
2014-08-06 01:25:59	rhettinger	link	issue21448 messages
2014-08-06 01:25:58	rhettinger	create