Commit c09dba5

[3.9] gh-98433: Fix quadratic time idna decoding. (GH-99092) (GH-99222) (#99230)

There was an unnecessary quadratic loop in idna decoding. This restores the behavior to linear.

(cherry picked from commit d315722)
(cherry picked from commit a6f6c3a)

Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>

1 parent b43496c commit c09dba5

3 files changed: +27 -17 lines changed


‎Lib/encodings/idna.py

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -39,23 +39,21 @@ def nameprep(label):
3939

4040
# Check bidi
4141
RandAL= [stringprep.in_table_d1(x)forxinlabel]
42-
forcinRandAL:
43-
ifc:
44-
# There is a RandAL char in the string. Must perform further
45-
# tests:
46-
# 1) The characters in section 5.8 MUST be prohibited.
47-
# This is table C.8, which was already checked
48-
# 2) If a string contains any RandALCat character, the string
49-
# MUST NOT contain any LCat character.
50-
ifany(stringprep.in_table_d2(x)forxinlabel):
51-
raiseUnicodeError("Violation of BIDI requirement 2")
52-
53-
# 3) If a string contains any RandALCat character, a
54-
# RandALCat character MUST be the first character of the
55-
# string, and a RandALCat character MUST be the last
56-
# character of the string.
57-
ifnotRandAL[0]ornotRandAL[-1]:
58-
raiseUnicodeError("Violation of BIDI requirement 3")
42+
ifany(RandAL):
43+
# There is a RandAL char in the string. Must perform further
44+
# tests:
45+
# 1) The characters in section 5.8 MUST be prohibited.
46+
# This is table C.8, which was already checked
47+
# 2) If a string contains any RandALCat character, the string
48+
# MUST NOT contain any LCat character.
49+
ifany(stringprep.in_table_d2(x)forxinlabel):
50+
raiseUnicodeError("Violation of BIDI requirement 2")
51+
# 3) If a string contains any RandALCat character, a
52+
# RandALCat character MUST be the first character of the
53+
# string, and a RandALCat character MUST be the last
54+
# character of the string.
55+
ifnotRandAL[0]ornotRandAL[-1]:
56+
raiseUnicodeError("Violation of BIDI requirement 3")
5957

6058
returnlabel
6159
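
Review bot: the new `if any(RandAL):` branch keeps the old comments but nothing records why the check now runs once, so a later edit could reintroduce the per-character loop. The removed `for c in RandAL:` / `if c:` re-ran the full `stringprep.in_table_d2(x) for x in label` scan for every RandAL character in the label, which is the quadratic cost the commit message refers to. Suggest a one-line comment above `if any(RandAL):` saying that requirements 2 and 3 are checked once per label, however many RandAL characters it contains. Behaviour is otherwise unchanged: both versions raise the same two `UnicodeError`s, and `RandAL[0]` is only reached when `any(RandAL)` is true, so an empty label cannot hit an index error here.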

‎Lib/test/test_codecs.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1532,6 +1532,12 @@ def test_builtin_encode(self):
15321532
self.assertEqual("pyth\xf6n.org".encode("idna"),b"xn--pythn-mua.org")
15331533
self.assertEqual("pyth\xf6n.org.".encode("idna"),b"xn--pythn-mua.org.")
15341534

1535+
deftest_builtin_decode_length_limit(self):
1536+
withself.assertRaisesRegex(UnicodeError,"too long"):
1537+
(b"xn--016c"+b"a"*1100).decode("idna")
1538+
withself.assertRaisesRegex(UnicodeError,"too long"):
1539+
(b"xn--016c"+b"a"*70).decode("idna")
1540+
15351541
deftest_stream(self):
15361542
r=codecs.getreader("idna")(io.BytesIO(b"abc"))
15371543
r.read(3)
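
Review bot: `test_builtin_decode_length_limit` only asserts that a `UnicodeError` matching "too long" is raised, so it does not guard the performance fix: the old loop and the new `any(RandAL)` check raise the same errors, and this test would pass against either. Nothing in this diff raises "too long", so the assertion also depends on a length check outside the changed lines, and it is not evident from the test whether the decoded label contains RandAL characters at all. Suggest adding a case whose label is known to enter the bidi branch, or a comment stating that the test pins the error for over-long labels rather than the running time. A short note on why 70 and 1100 were chosen as the two lengths would also help.
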
Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
The IDNA codec decoder used on DNS hostnames by:mod:`socket` or:mod:`asyncio`
2+
related name resolution functions no longer involves a quadratic algorithm.
3+
This prevents a potential CPU denial of service if an out-of-spec excessive
4+
length hostname involving bidirectional characters were decoded. Some protocols
5+
such as:mod:`urllib` http ``3xx`` redirects potentially allow for an attacker
6+
to supply such a name.
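
Review bot: the third sentence of the entry uses "if ... were decoded", which reads as hypothetical next to the present-tense sentence before it; "is decoded" would match. The entry names only `socket` and `asyncio` name resolution, while the new test calls `.decode("idna")` directly, so it could say that any direct use of the codec is covered as well. "out-of-spec excessive length hostname" would read more easily as "an excessively long, out-of-spec hostname".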
