[issue16039] imaplib: unlimited readline() from connection
Christian Heimes
report at bugs.python.org
Tue Sep 25 12:36:10 CEST 2012
New submission from Christian Heimes:
This bug is similar to #16037 and a modified copy of #16038.
The imaplib module doesn't limit the amount of read data in its call to readline(). An erroneous or malicious IMAP server can trick the imaplib module to consume large amounts of memory.
Suggestion:
The imaplib module should be modified to use limited readline() with _MAXLINE like the httplib module.
----------
components: Library (Lib)
messages: 171242
nosy: christian.heimes
priority: normal
severity: normal
status: open
title: imaplib: unlimited readline() from connection
type: resource usage
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue16039>
_______________________________________
More information about the Python-bugs-list
mailing list