[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
STINNER Victor
report at bugs.python.org
Fri May 17 09:51:18 CEST 2013
STINNER Victor added the comment:
> Are multiple wildcards per fragment even specified?
I don't know the standard, but it sounds strange to have more than one wildcard per part of a URL. "*.*.*.google.com" looks valid to me, whereas "*a*a*a*.google.com" looks very suspicious.
Said differently, I expect:
assert max(part.count("*") for part in url.split(".")) <= 1
"*" pattern is replaced with '[^.]+' regex, so it may not cause the exponential complexity issue. (I didn't check.)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
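
The per-label wildcard limit expected in the comment above, written out as an added example; it is not part of the original message and is not CPython's code. The function names, the default limit of 1, and the translation of a partial wildcard to '[^.]*' are assumptions made for illustration.

```python
import re

MAX_WILDCARDS_PER_LABEL = 1  # limit expected in the comment above (assumed default)


def wildcard_counts(pattern):
    """Return the number of '*' characters in each dot-separated label."""
    return [label.count("*") for label in pattern.split(".")]


def compile_dnsname(pattern, max_wildcards=MAX_WILDCARDS_PER_LABEL):
    """Compile a certificate name pattern to a regex.

    Raises ValueError before any regex is built when a single label
    carries more wildcards than allowed, so a crafted name such as
    "*a*a*a*.google.com" never reaches the regex engine.
    """
    if max(wildcard_counts(pattern)) > max_wildcards:
        raise ValueError("too many wildcards in one label: %r" % pattern)
    parts = []
    for label in pattern.split("."):
        if label == "*":
            # A lone wildcard stands for exactly one non-empty label.
            parts.append("[^.]+")
        else:
            # Partial wildcard (assumption): '*' matches within the label only.
            parts.append("[^.]*".join(re.escape(p) for p in label.split("*")))
    return re.compile(r"\A" + r"\.".join(parts) + r"\Z", re.IGNORECASE)


def hostname_matches(pattern, hostname):
    """Return True if hostname matches pattern; rejected patterns never match."""
    try:
        return compile_dnsname(pattern).match(hostname) is not None
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample names, taken from the two patterns quoted above.
    for pat, host in [("*.*.*.google.com", "a.b.c.google.com"),
                      ("*a*a*a*.google.com", "aaaa.google.com")]:
        print(pat, host, hostname_matches(pat, host))
```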