+10
-17
lines changedFilter options
+10
-17
lines changed Original file line number Diff line number Diff line change
@@ -1182,16 +1182,6 @@ def open(self, host = '', port = IMAP4_SSL_PORT):
1182 1182
self.file = self.sslobj.makefile('rb')
1183 1183 1184 1184 1185 -
def read(self, size):
1186 -
"""Read 'size' bytes from remote."""
1187 -
return self.file.read(size)
1188 - 1189 - 1190 -
def readline(self):
1191 -
"""Read line from remote."""
1192 -
return self.file.readline()
1193 - 1194 - 1195 1185
def send(self, data):
1196 1186
"""Send data to remote."""
1197 1187
bytes = len(data)
@@ -166,14 +166,18 @@ def handle(self):
166 166 167 167 168 168
def test_linetoolong(self):
169 +
maxline = 10
170 + 169 171
class TooLongHandler(SimpleIMAPHandler):
170 172
def handle(self):
171 173
# Send a very long response line
172 -
self.wfile.write('* OK ' + imaplib._MAXLINE*'x' + '\r\n')
174 +
self.wfile.write('* OK ' + maxline * 'x' + '\r\n')
173 175 174 -
with self.reaped_server(TooLongHandler) as server:
175 -
self.assertRaises(imaplib.IMAP4.error,
176 -
self.imap_class, *server.server_address)
176 +
with self.reaped_server(TooLongHandler) as server, \
177 +
support.swap_attr(imaplib, '_MAXLINE', maxline):
178 +
with self.assertRaisesRegexp(imaplib.IMAP4.error,
179 +
'got more than 10 bytes'):
180 +
self.imap_class(*server.server_address)
177 181 178 182
class ThreadedNetworkedTests(BaseThreadedNetworkedTests):
179 183
@@ -187,9 +191,6 @@ class ThreadedNetworkedTestsSSL(BaseThreadedNetworkedTests):
187 191
server_class = SecureTCPServer
188 192
imap_class = IMAP4_SSL
189 193 190 -
def test_linetoolong(self):
191 -
raise unittest.SkipTest("test is not reliable on 2.7; see issue 20118")
192 - 193 194 194 195
class RemoteIMAPTest(unittest.TestCase):
195 196
host = 'cyrus.andrew.cmu.edu'
@@ -0,0 +1,2 @@
1 +
CVE-2013-1752: Change use of ``readline()`` in :class:`imaplib.IMAP4_SSL` to
2 +
limit line length.
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4