[New-bugs-announce] [issue30701] Exception parsing certain invalid email address headers
Tim Bell
report at bugs.python.org
Mon Jun 19 05:25:47 EDT 2017
New submission from Tim Bell:
According to RFC 5322, an email address like this isn't valid:
user at example.com <user at example.com>
(The display-name "user at example.com" contains "@", which isn't in the set of atext characters used to form an atom.)
How it's handled by the email package varies by policy:
>>> import email
>>> from email.policy import default
>>> email.message_from_bytes(b'To: user at example.com <user at example.com>')['to']
'user at example.com <user at example.com>'
>>> email.message_from_bytes(b'To: user at example.com <user at example.com>', policy=default)['to']
'user at example.com'
>>> email.message_from_bytes(b'To: user at example.com <user at example.com>', policy=default).defects
[]
The difference between the behaviour under the compat32 vs "default" policy may or may not be significant.
However, if coupled with a further invalid feature, namely a space after the ">", here's what happens:
>>> email.message_from_bytes(b'To: user at example.com <user at example.com> ')['to']
'user at example.com <user at example.com> '
>>> email.message_from_bytes(b'To: user at example.com <user at example.com> ', policy=default)['to']
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/message.py", line 391, in __getitem__
return self.get(name)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/message.py", line 471, in get
return self.policy.header_fetch_parse(k, v)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/policy.py", line 162, in header_fetch_parse
return self.header_factory(name, value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/headerregistry.py", line 586, in __call__
return self[name](name, value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/headerregistry.py", line 197, in __new__
cls.parse(value, kwds)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/headerregistry.py", line 337, in parse
kwds['parse_tree'] = address_list = cls.value_parser(value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/headerregistry.py", line 328, in value_parser
address_list, value = parser.get_address_list(value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/_header_value_parser.py", line 2368, in get_address_list
token, value = get_invalid_mailbox(value, ',')
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/_header_value_parser.py", line 2166, in get_invalid_mailbox
token, value = get_phrase(value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/_header_value_parser.py", line 1770, in get_phrase
token, value = get_word(value)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/email/_header_value_parser.py", line 1745, in get_word
if value[0]=='"':
IndexError: string index out of range
>>> email.message_from_bytes(b'To: user at example.com <user at example.com> ', policy=default).defects
[]
I believe that the preferred behaviour would be to add a defect to the message object during parsing instead of throwing an exception when the invalid header value is accessed.
----------
components: email
messages: 296309
nosy: barry, r.david.murray, timb07
priority: normal
severity: normal
status: open
title: Exception parsing certain invalid email address headers
type: behavior
versions: Python 3.5, Python 3.6, Python 3.7
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue30701>
_______________________________________
More information about the New-bugs-announce
mailing list