closes 16039: CVE-2013-1752: limit line length in imaplib readline calls.

commit: 020d7c379afe7edc7b5437c29b434ecc059e6a76 [log] [tgz]
author: R David Murray <rdmurray@bitdance.com> Fri Jan 03 13:59:22 2014 -0500
committer: R David Murray <rdmurray@bitdance.com> Fri Jan 03 13:59:22 2014 -0500
tree: eb76f786a8e021e37f41785c768bdc94b8c0e8a1
parent: 5851218e4228d36306b5a46387fc27daf48cf840 [diff] [blame]
diff --git a/Lib/imaplib.py b/Lib/imaplib.py
index c576927..4586fb3 100644
--- a/Lib/imaplib.py
+++ b/Lib/imaplib.py

@@ -35,6 +35,15 @@
 IMAP4_SSL_PORT = 993
 AllowedVersions = ('IMAP4REV1', 'IMAP4')        # Most recent first
 
+# Maximal line length when calling readline(). This is to prevent
+# reading arbitrary length lines. RFC 3501 and 2060 (IMAP 4rev1)
+# don't specify a line length. RFC 2683 however suggests limiting client
+# command lines to 1000 octets and server command lines to 8000 octets.
+# We have selected 10000 for some extra margin and since that is supposedly
+# also what UW and Panda IMAP does.
+_MAXLINE = 10000
+
+
 #       Commands
 
 Commands = {
@@ -237,7 +246,10 @@
 
     def readline(self):
         """Read line from remote."""
-        return self.file.readline()
+        line = self.file.readline(_MAXLINE + 1)
+        if len(line) > _MAXLINE:
+            raise self.error("got more than %d bytes" % _MAXLINE)
+        return line
 
 
     def send(self, data):
commit	020d7c379afe7edc7b5437c29b434ecc059e6a76	[log] [tgz]
author	R David Murray <rdmurray@bitdance.com>	Fri Jan 03 13:59:22 2014 -0500
committer	R David Murray <rdmurray@bitdance.com>	Fri Jan 03 13:59:22 2014 -0500
tree	eb76f786a8e021e37f41785c768bdc94b8c0e8a1
parent	5851218e4228d36306b5a46387fc27daf48cf840 [diff] [blame]