[issue14036] urlparse insufficient port property validation
zulla
report at bugs.python.org
Mon May 21 17:09:22 CEST 2012
zulla <dan at defendassist.com> added the comment:
we should at least check if the .port attribute is an intereger >= 1 and <= 65535. _because_ this is the only valid port range. otherwise, it is no valid port. but it may be a integer overflow attack attempt
when a developer uses .port, he is counting on the result being valid
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14036>
_______________________________________
More information about the Python-bugs-list
mailing list