New submission from Dimitri John Ledkov <dimitri.led...@canonical.com>:

email module has recently got parse_message_id which is more strict now than 
before.

However, it's not programmed as defensively as expected. Given a bogus 
Message-ID, it crashes with an unbound local variable, or by accessing a 
non-existing index.

So hyperkitty had a Message-ID "X"*260 in the testsuite that used to pass with 
3.7, but fails with 3.8.

======================================================================
ERROR: test_long_message_id (hyperkitty.tests.lib.test_incoming.TestAddToList)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "./hyperkitty/tests/lib/test_incoming.py", line 295, in test_long_message_id
    msg["Message-ID"] = "X" * 260
  File "/usr/lib/python3.8/email/message.py", line 409, in __setitem__
    self._headers.append(self.policy.header_store_parse(name, val))
  File "/usr/lib/python3.8/email/policy.py", line 148, in header_store_parse
    return (name, self.header_factory(name, value))
  File "/usr/lib/python3.8/email/headerregistry.py", line 602, in __call__
    return self[name](name, value)
  File "/usr/lib/python3.8/email/headerregistry.py", line 197, in __new__
    cls.parse(value, kwds)
  File "/usr/lib/python3.8/email/headerregistry.py", line 530, in parse
    kwds['parse_tree'] = parse_tree = cls.value_parser(value)
  File "/usr/lib/python3.8/email/_header_value_parser.py", line 2116, in parse_message_id
    message_id.append(token)
UnboundLocalError: local variable 'token' referenced before assignment

Similarly, another user, surkova, reports that value[0] in the get_msg_id 
function is buggy too (doesn't check that value has a member).

First reported at 
https://github.com/python/cpython/pull/13397#discussion_r341968031

Ideally, I'd like the function to raise a documented Exception for an invalid 
Message-ID, but not fail with what look like regular programming bugs in the 
email module. The expectation is that the email module is either more 
permissive or is coded more defence-in-depth with more checking in place.

----------
messages: 356072
nosy: xnox
priority: normal
severity: normal
status: open
title: parse_message_id in email module is very buggy / crashy
versions: Python 3.8, Python 3.9

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue38708>
_______________________________________
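
A caller-side guard for the failure described in the report above, as an added example that is not part of the original message or of the email module. It goes through the same policy.header_factory call shown in the traceback; the function names and sample values are hypothetical and constructed for illustration.

```python
from email import policy


def parse_untrusted_message_id(raw):
    """Parse a Message-ID value taken from untrusted mail.

    Returns (header, problems). header is None when the parser itself
    raised; problems is a list of strings and is empty only when the
    value parsed as a well-formed msg-id.
    """
    try:
        # Same entry point as in the traceback: policy.header_factory.
        header = policy.default.header_factory("Message-ID", raw)
    except Exception as exc:
        # The report shows UnboundLocalError (and mentions an unchecked
        # value[0]) escaping the parser on 3.8. Turn any such crash into
        # a rejected header instead of letting it reach the caller.
        return None, ["parser raised %s: %s" % (type(exc).__name__, exc)]
    # Versions that handle the bad value record it as header defects.
    return header, [str(defect) for defect in header.defects]


def is_wellformed_message_id(raw):
    """True only if parsing succeeded and no defects were recorded."""
    header, problems = parse_untrusted_message_id(raw)
    return header is not None and not problems


# Constructed sample values: the test-suite value from the report,
# an empty header, and one syntactically valid msg-id.
SAMPLES = ["X" * 260, "", "<20191105.1234@mail.example.com>"]

if __name__ == "__main__":
    for raw in SAMPLES:
        header, problems = parse_untrusted_message_id(raw)
        shown = raw if len(raw) <= 40 else raw[:37] + "..."
        verdict = "ok" if header is not None and not problems else "rejected"
        print("%-42r %s %s" % (shown, verdict, problems))
```

The guard gives the same accept/reject answer whether the installed interpreter crashes on the value or records it as a defect, so ingestion code does not depend on which behaviour it gets.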