[3.7] bpo-45001: Make email date parsing more robust against malformed input (GH-27946) #27975


Merged: ned-deily merged 1 commit into python:3.7 from miss-islington:backport-989f6a3-3.7 on Aug 30, 2021

@miss-islington (Contributor) commented Aug 26, 2021, edited by bedevere-bot:

Various date parsing utilities in the email module, such as
email.utils.parsedate(), are supposed to gracefully handle invalid
input, typically by raising an appropriate exception or by returning
None.

The internal email._parseaddr._parsedate_tz() helper used by some of
these date parsing routines tries to be robust against malformed input,
but unfortunately it can still crash ungracefully when a non-empty but
whitespace-only input is passed. This manifests as an unexpected
IndexError.

In practice, this can happen when parsing an email with only a newline
inside a ‘Date:’ header, which unfortunately happens occasionally in the
real world.

Here's a minimal example:

    $ python
    Python 3.9.6 (default, Jun 30 2021, 10:22:16)
    [GCC 11.1.0] on linux
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import email.utils
    >>> email.utils.parsedate('foo')
    >>> email.utils.parsedate(' ')
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/lib/python3.9/email/_parseaddr.py", line 176, in parsedate
        t = parsedate_tz(data)
      File "/usr/lib/python3.9/email/_parseaddr.py", line 50, in parsedate_tz
        res = _parsedate_tz(data)
      File "/usr/lib/python3.9/email/_parseaddr.py", line 72, in _parsedate_tz
        if data[0].endswith(',') or data[0].lower() in _daynames:
    IndexError: list index out of range

The fix is rather straight-forward: guard against empty lists, after
splitting on whitespace, but before accessing the first element.
(cherry picked from commit 989f6a3)

Co-authored-by: wouter bolsterlee <wouter@bolsterl.ee>

https://bugs.python.org/issue45001
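A defensive wrapper for code that may still run on an interpreter without this fix, so that one blank or malformed `Date:` value cannot abort a whole mail-processing batch. This is an added example, not part of the PR or of CPython; the function names, status labels and sample values are constructed for illustration.

```python
import email.utils
from datetime import datetime, timezone


def parse_date_header(value):
    """Return (utc_datetime_or_None, status) for a Date header value; never raises."""
    if value is None:
        return None, "missing"
    if not value.strip():
        # Non-empty but whitespace-only input: the case that raised
        # IndexError in _parsedate_tz() before the fix.
        return None, "blank"
    try:
        parts = email.utils.parsedate_tz(value)
    except (IndexError, ValueError, TypeError):
        # Defence in depth for other malformed input on unpatched interpreters.
        return None, "malformed"
    if parts is None:
        return None, "malformed"
    try:
        timestamp = email.utils.mktime_tz(parts)
        return datetime.fromtimestamp(timestamp, tz=timezone.utc), "ok"
    except (ValueError, OverflowError, OSError):
        # Syntactically valid but out-of-range date fields.
        return None, "malformed"


# Constructed sample batch: (message id, raw Date header value).
SAMPLES = [
    ("msg-1", "Mon, 30 Aug 2021 18:48:00 +0000"),
    ("msg-2", " "),
    ("msg-3", "\n"),
    ("msg-4", "foo"),
    ("msg-5", None),
]


def triage(batch):
    """Parse every Date value in the batch; one bad header cannot stop the rest."""
    return {msg_id: parse_date_header(value) for msg_id, value in batch}


if __name__ == "__main__":
    for msg_id, (when, status) in triage(SAMPLES).items():
        print(msg_id, status, when)
```

Recording the status instead of silently dropping the value lets a pipeline count blank `Date:` headers, which is useful when checking whether unpatched hosts are receiving this kind of input.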

@miss-islington (Contributor, Author):

@wbolster and @ambv: Status check is done, and it's a success ✅ .


ambv requested a review from ned-deily August 26, 2021 15:49

@ambv (Contributor):

@ned-deily, this is a bug fix with security-related connotations. I merged it to 3.8 so we might as well get it to 3.7 and 3.6.

@wbolster (Contributor):

@ned-deily fyi, this explains how this can lead to denial-of-service: #27946 (comment)

@miss-islington (Contributor, Author):

Sorry, I can't merge this PR. Reason: You're not authorized to push to this branch. Visit https://docs.github.com/articles/about-protected-branches/ for more information..

ned-deily merged commit e9b85af into python:3.7 Aug 30, 2021
miss-islington deleted the backport-989f6a3-3.7 branch August 30, 2021 18:48

Reviewers: ned-deily approved these changes


6 participants: @miss-islington, @ambv, @wbolster, @ned-deily, @the-knights-who-say-ni, @bedevere-bot
