[Python-checkins] cpython (2.6): - Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
barry.warsaw
python-checkins at python.org
Wed Sep 25 16:43:18 CEST 2013
http://hg.python.org/cpython/rev/8b19e7d0be45
changeset: 85797:8b19e7d0be45
branch: 2.6
parent: 85788:4190568ceda0
user: Barry Warsaw <barry at python.org>
date: Wed Sep 25 09:36:58 2013 -0400
summary:
- Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
limiting the call to readline(). Original patch by Michał
Jastrzębski and Giampaolo Rodola.
with test fixes by Serhiy Storchaka.
files:
Lib/ftplib.py | 15 ++++++++++++---
Lib/test/test_ftplib.py | 22 +++++++++++++++++++++-
Misc/NEWS | 4 ++++
3 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/Lib/ftplib.py b/Lib/ftplib.py
--- a/Lib/ftplib.py
+++ b/Lib/ftplib.py
@@ -54,6 +54,8 @@
# The standard FTP server control port
FTP_PORT = 21
+# The sizehint parameter passed to readline() calls
+MAXLINE = 8192
# Exception raised when an error or invalid response is received
@@ -100,6 +102,7 @@
debugging = 0
host = ''
port = FTP_PORT
+ maxline = MAXLINE
sock = None
file = None
welcome = None
@@ -179,7 +182,9 @@
# Internal: return one line from the server, stripping CRLF.
# Raise EOFError if the connection is closed
def getline(self):
- line = self.file.readline()
+ line = self.file.readline(self.maxline + 1)
+ if len(line) > self.maxline:
+ raise Error("got more than %d bytes" % self.maxline)
if self.debugging > 1:
print '*get*', self.sanitize(line)
if not line: raise EOFError
@@ -421,7 +426,9 @@
conn = self.transfercmd(cmd)
fp = conn.makefile('rb')
while 1:
- line = fp.readline()
+ line = fp.readline(self.maxline + 1)
+ if len(line) > self.maxline:
+ raise Error("got more than %d bytes" % self.maxline)
if self.debugging > 2: print '*retr*', repr(line)
if not line:
break
@@ -473,7 +480,9 @@
self.voidcmd('TYPE A')
conn = self.transfercmd(cmd)
while 1:
- buf = fp.readline()
+ buf = fp.readline(self.maxline + 1)
+ if len(buf) > self.maxline:
+ raise Error("got more than %d bytes" % self.maxline)
if not buf: break
if buf[-2:] != CRLF:
if buf[-1] in CRLF: buf = buf[:-1]
diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py
--- a/Lib/test/test_ftplib.py
+++ b/Lib/test/test_ftplib.py
@@ -46,6 +46,7 @@
self.last_received_cmd = None
self.last_received_data = ''
self.next_response = ''
+ self.next_retr_data = RETR_DATA
self.push('220 welcome')
def collect_incoming_data(self, data):
@@ -162,7 +163,7 @@
def cmd_retr(self, arg):
self.push('125 retr ok')
- self.dtp.push(RETR_DATA)
+ self.dtp.push(self.next_retr_data)
self.dtp.close_when_done()
def cmd_list(self, arg):
@@ -175,6 +176,11 @@
self.dtp.push(NLST_DATA)
self.dtp.close_when_done()
+ def cmd_setlongretr(self, arg):
+ # For testing. Next RETR will return long line.
+ self.next_retr_data = 'x' * int(arg)
+ self.push('125 setlongretr ok')
+
class DummyFTPServer(asyncore.dispatcher, threading.Thread):
@@ -362,6 +368,20 @@
# IPv4 is in use, just make sure send_epsv has not been used
self.assertEqual(self.server.handler.last_received_cmd, 'pasv')
+ def test_line_too_long(self):
+ self.assertRaises(ftplib.Error, self.client.sendcmd,
+ 'x' * self.client.maxline * 2)
+
+ def test_retrlines_too_long(self):
+ self.client.sendcmd('SETLONGRETR %d' % (self.client.maxline * 2))
+ received = []
+ self.assertRaises(ftplib.Error,
+ self.client.retrlines, 'retr', received.append)
+
+ def test_storlines_too_long(self):
+ f = StringIO.StringIO('x' * self.client.maxline * 2)
+ self.assertRaises(ftplib.Error, self.client.storlines, 'stor', f)
+
class TestIPv6Environment(TestCase):
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13,6 +13,10 @@
Library
-------
+- Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
+ limiting the call to readline(). Original patch by Michał
+ Jastrzębski and Giampaolo Rodola.
+
- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to
limit line length. Patch by Emil Lind.
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list