[issue31449] Potential DoS Attack when Parsing Email with Huge Number of MIME Parts
R. David Murray
report at bugs.python.org
Wed Sep 13 09:34:50 EDT 2017
R. David Murray added the comment:
10 million mime parts? That sounds like the kind of thing rfc 1870 was designed to address in a more general fashion (ie: the SMTP server should be enforcing maximum message size if you are worried about DOS attacks).
1 million = 3 seconds, 10 million = "over three minutes" sounds like a linear increase, so I don't see that there is anything special about "mime parts" in this scenario.
I have no objection to PRs making the parsing more efficient, though :)
----------
nosy: +christian.heimes
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue31449>
_______________________________________
More information about the Python-bugs-list
mailing list