Email folding function Denial-of-Service¶

The email folding function enters an infinite loop if a header is longer than the policy maximum line length and contains many non-ASCII characters.

Regression introduced in Python 3.6.4.

Dates:

Disclosure date: 2018-05-16 (Python issue bpo-33529 reported)

Fixed In¶

Python 3.6.9 (2019-07-02) fixed by commit 516a6a2 (branch 3.6) (2019-06-18)
Python 3.7.4 (2019-07-08) fixed by commit 2fef5b0 (branch 3.7) (2019-05-14)
Python 3.8.0 (2019-10-14) fixed by commit c1f5667 (branch 3.8) (2019-05-14)

Python issue¶

[security] Infinite loop on folding email (_fold_as_ew()) if an header has no spaces.

Python issue: bpo-33529
Creation date: 2018-05-16
Reporter: Rad164

Timeline¶

Timeline using the disclosure date 2018-05-16 as reference:

2018-05-16: Python issue bpo-33529 reported by Rad164
2019-05-14 (+363 days): commit 2fef5b0 (branch 3.7)
2019-05-14 (+363 days): commit c1f5667 (branch 3.8)
2019-06-18 (+398 days): commit 516a6a2 (branch 3.6)
2019-07-02 (+412 days): Python 3.6.9 released
2019-07-08 (+418 days): Python 3.7.4 released
2019-10-14: Python 3.8.0 released

Read the Docs v: latest

Versions: latest

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.