[issue28971] nntplib is broken when responses are longer than _MAXLINE
Serhiy Storchaka
report at bugs.python.org
Fri Dec 16 01:28:49 EST 2016
Serhiy Storchaka added the comment:
The limit to readline() was added to prevent consuming an excessive amount of memory. But this doesn't help in case of long multiline responses, since all lines are accumulated in a list in memory. A malicious server could cause a client consuming an excessive amount of memory by sending large number of short lines instead of one long line.
Christian, what are you think about this?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28971>
_______________________________________
More information about the Python-bugs-list
mailing list