From f62a372928fbf6a2ba722f12f069b75ca6ad16fb Mon Sep 17 00:00:00 2001 From: "Miss Islington (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Wed, 5 Jun 2019 03:23:37 -0700 Subject: bpo-30835: email: Fix AttributeError when parsing invalid CTE (GH-13598) * bpo-30835: email: Fix AttributeError when parsing invalid Content-Transfer-Encoding Parsing an email containing a multipart Content-Type, along with a Content-Transfer-Encoding containing an invalid (non-ASCII-decodable) byte will fail. email.feedparser.FeedParser._parsegen() gets the header and attempts to convert it to lowercase before comparing it with the accepted encodings, but as the header contains an invalid byte, it's returned as a Header object rather than a str. Cast the Content-Transfer-Encoding header to a str to avoid this. Found using the AFL fuzzer. Reported-by: Daniel Axtens Signed-off-by: Andrew Donnellan * Add email and NEWS entry for the bugfix. (cherry picked from commit aa79707262f893428665ef45b5e879129abca4aa) Co-authored-by: Abhilash Raj --- Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst (limited to 'Misc') diff --git a/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst b/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst new file mode 100644 index 0000000000..019321d6f1 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2019-05-27-15-29-46.bpo-30835.3FoaWH.rst @@ -0,0 +1,3 @@ +Fixed a bug in email parsing where a message with invalid bytes in +content-transfer-encoding of a multipart message can cause an AttributeError. +Patch by Andrew Donnellan. -- cgit v1.2.1