[Django] #36752: SMTP backend crashes on invalid email addresses such as “to@”

[Django]

#36752: SMTP backend crashes on invalid email addresses such as “to@”
-------------------------------------+-------------------------------------
     Reporter:  quarjo               |                     Type:  Bug
       Status:  new                  |                Component:  Core
                                     |  (Mail)
      Version:  dev                  |                 Severity:  Normal
     Keywords:  smtp invalid email   |             Triage Stage:
  parser regression                  |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------
 While running the Django test suite on the current development version
 (6.1.dev), the SMTP backend crashes when preparing invalid email
 addresses such as "to@".

 This failure is triggered by the test:
 tests/mail/tests.py::test_avoids_sending_to_invalid_addresses

 Expected behavior:
 Invalid email addresses should be rejected early with a ValueError and
 must not reach the low-level email header parser used by
 AddressHeader.value_parser().

 Actual behavior:
 The following exception occurs when attempting to parse the invalid
 address:

 IndexError: string index out of range

 Traceback (excerpt):
   File django/core/mail/backends/smtp.py, in prep_address
     parsed = AddressHeader.value_parser(address)
   File .../email/_header_value_parser.py
     if value[0] in CFWS_LEADER:
 IndexError: string index out of range

 This indicates that the backend attempts to parse malformed email
 addresses too deeply instead of validating them first.

 Environment:
 - Django version: 6.1.dev
 - Python 3.12
 - Command: python tests/runtests.py mail

 Steps to reproduce:
 1. Clone Django main
 2. Install test dependencies
 3. Run: python tests/runtests.py mail
 4. Observe the failure in test_avoids_sending_to_invalid_addresses

 The failure is reproducible and appears to be a regression in the SMTP
 backend’s handling of invalid recipient addresses.
-- 
Ticket URL: <https://code.djangoproject.com/ticket/36752>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion visit 
https://groups.google.com/d/msgid/django-updates/0107019aadcdfa2c-11ebde8f-25e9-4e62-8391-121dad4b8cae-000000%40eu-central-1.amazonses.com.