[issue14036] urlparse insufficient port property validation
zulla
report at bugs.python.org
Mon May 21 17:06:41 CEST 2012
zulla <dan at defendassist.com> added the comment:
Your comment is completely senseless, sorry.
Of course such high port numbers do not exist.
An attacker is counting on that. Imagine something like that
pass_to_cython(urlparse("http://google.de:999999**999999[to be calculated]").port)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14036>
_______________________________________
More information about the Python-bugs-list
mailing list