New submission from Alexander Kruppa:
An error in separating the path and filename of the CGI script to run in
http.server.CGIHTTPRequestHandler allows running arbitrary executables in the
directory under which the server was started.
The problem is that in CGIHTTPRequestHandler we have
Alexander Kruppa added the comment:
Opened #19003.
--
___
Python tracker
<http://bugs.python.org/issue16564>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alexander Kruppa:
This is a follow-up to #16564. In that issue, BytesGenerator was changed to
accept a bytes payload, however processing binary data that way leads to data
corruption.
Repost of the update I posted in #16564
Alexander Kruppa added the comment:
It seems to me that this issue is not fixed correctly yet. I've tried Python
3.3.2:
~/build/Python-3.3.2$ ./python --version
Python 3.3.2
When modifying the test case in Lib/test/test_email/test_email.py like this:
--- Lib/test/test_email/test_ema
New submission from Alexander Kruppa:
I'm trying to use the email.* functions to craft HTTP POST data for file
upload. Trying something like
filedata = open("data", "rb").read()
postdata = MIMEMultipart()
fileattachment = MIMEApplication(filedata, _encoder=e
