diff options
| author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2019-06-05 03:23:37 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-05 03:23:37 -0700 |
| commit | f62a372928fbf6a2ba722f12f069b75ca6ad16fb (patch) | |
| tree | dff68e8171f97adb917dd6df5062ee167cfb6b4d /Lib | |
| parent | 3d75bd15ac82575967db367c517d7e6e703a6de3 (diff) | |
| download | cpython-git-f62a372928fbf6a2ba722f12f069b75ca6ad16fb.tar.gz | |
bpo-30835: email: Fix AttributeError when parsing invalid CTE (GH-13598)
* bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding
Parsing an email containing a multipart Content-Type, along with a
Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte
will fail. email.feedparser.FeedParser._parsegen() gets the header and
attempts to convert it to lowercase before comparing it with the accepted
encodings, but as the header contains an invalid byte, it's returned as a
Header object rather than a str.
Cast the Content-Transfer-Encoding header to a str to avoid this.
Found using the AFL fuzzer.
Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Andrew Donnellan <andrew@donnellan.id.au>
* Add email and NEWS entry for the bugfix.
(cherry picked from commit aa79707262f893428665ef45b5e879129abca4aa)
Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
Diffstat (limited to 'Lib')
| -rw-r--r-- | Lib/email/feedparser.py | 2 | ||||
| -rw-r--r-- | Lib/test/test_email/test_email.py | 9 |
2 files changed, 10 insertions, 1 deletions
diff --git a/Lib/email/feedparser.py b/Lib/email/feedparser.py index 7c07ca8645..97d3f5144d 100644 --- a/Lib/email/feedparser.py +++ b/Lib/email/feedparser.py @@ -320,7 +320,7 @@ class FeedParser: self._cur.set_payload(EMPTYSTRING.join(lines)) return # Make sure a valid content type was specified per RFC 2045:6.4. - if (self._cur.get('content-transfer-encoding', '8bit').lower() + if (str(self._cur.get('content-transfer-encoding', '8bit')).lower() not in ('7bit', '8bit', 'binary')): defect = errors.InvalidMultipartContentTransferEncodingDefect() self.policy.handle_defect(self._cur, defect) diff --git a/Lib/test/test_email/test_email.py b/Lib/test/test_email/test_email.py index dfb3be8438..c29cc56203 100644 --- a/Lib/test/test_email/test_email.py +++ b/Lib/test/test_email/test_email.py @@ -1466,6 +1466,15 @@ Blah blah blah g.flatten(msg) self.assertEqual(b.getvalue(), source + b'>From R\xc3\xb6lli\n') + def test_mutltipart_with_bad_bytes_in_cte(self): + # bpo30835 + source = textwrap.dedent("""\ + From: aperson@example.com + Content-Type: multipart/mixed; boundary="1" + Content-Transfer-Encoding: \xc8 + """).encode('utf-8') + msg = email.message_from_bytes(source) + # Test the basic MIMEAudio class class TestMIMEAudio(unittest.TestCase): |