bpo-36564: Fix infinite loop in email folding logic #12732
Conversation
dc75480 to
f77716c
Compare
|
I believe this will cause merge conflicts with #12020. I have subscribed to that PR and will rebase if it is merged first. |
Lib/email/_header_value_parser.py
Outdated
| chrome_len = len(encode_as) + 7 | ||
|
|
||
| if (chrome_len + 1) >= maxlen: | ||
| raise ValueError("Maximum length too short to fit any values") |
There was a problem hiding this comment.
I picked ValueError here, but if there's a better error type let me know, I'm not super familiar with the email module.
There was a problem hiding this comment.
We should probably use email.errors.HeaderParseError instead of ValueError.
It would be nice if you could use single quotes for consistency in the module.
Also, the error message seems a bit vague given that it is not too short to fit any value, but too short to hold encoded word. An ascii value would be just fine with the line length). And, Maximum length is a hard to make sense when coming from an exception message. max_line_length is more greppable to me.
What do you think about this error?
max_line_length is too small to fit an encoded word.
There was a problem hiding this comment.
+1 for HeaderParseError but @bitdancer has more up-to-date perspective than I might have.
There was a problem hiding this comment.
No, a ValueError would be more appropriate here, I think, because it is an error in the value of maxlen. This isn't a parsing error, it's a rendering error.
Now, that said you might want to consider the fact that in _fold_mime_parameters I deal with this issue by bumping maxlen to 78 rather than raising an error. I'm not sure that was the right choice, but whatever we do, it should probably be made consistent between the two cases. It is so sad that I never came back to fix that XXX comment I left myself :(
Note: I unfortunately am not too likely to see github comments, I get too much noise from that source...I just caught this one by chance. If you need my attention please post on the issue.
There was a problem hiding this comment.
Also, the error message seems a bit vague given that it is not too short to fit any value, but too short to hold encoded word. An ascii value would be just fine with the line length). And,
Maximum lengthis a hard to make sense when coming from an exception message.max_line_lengthis more greppable to me.
I agree that "Maximum length" is not going to be a good error, switching to max_line_length is a good idea.
Regarding the "encoded word" situation, I guess when I wrote this I had assumed that the RFC chrome was added to every line regardless, but only realized that that wasn't the case through testing. I'm still not entirely clear why the encoding chrome is unnecessary for shorter words, but I think the suggested comments at least explain when the chrome becomes necessary.
f77716c to
7294e5e
Compare
7294e5e to
60b9217
Compare
60b9217 to
bf536d1
Compare
Lib/email/_header_value_parser.py
Outdated
| chrome_len = len(encode_as) + 7 | ||
|
|
||
| if (chrome_len + 1) >= maxlen: | ||
| raise ValueError("Maximum length too short to fit any values") |
There was a problem hiding this comment.
We should probably use email.errors.HeaderParseError instead of ValueError.
It would be nice if you could use single quotes for consistency in the module.
Also, the error message seems a bit vague given that it is not too short to fit any value, but too short to hold encoded word. An ascii value would be just fine with the line length). And, Maximum length is a hard to make sense when coming from an exception message. max_line_length is more greppable to me.
What do you think about this error?
max_line_length is too small to fit an encoded word.
Lib/test/test_email/test_policy.py
Outdated
| # required length for a line | ||
|
|
||
| # Note: This is only triggered when there is a single word longer than | ||
| # maxlen, hence the 1234567890 at the end of this whimsical subject |
There was a problem hiding this comment.
Slight change to the comment to make it a bit more clear why this bug is trigerred when there is a single world longer than maxlen.
# Note: This is only triggered when there is a single word longer than
# max_line_length. This is because when we encounter a word longer than max_line_length,
# it is broken down into encoded words to fit max_line_length. If the max_line_length isn't
# large enough to even contain RFC 2047 chrome (`?=<charset>?q??=`), we fail.
# Hence the 1234567890 at the end of this whimsical subject.
Just to make it clear that Header can have words longer than max line length, as long as max_line_length > 7 + len(charset) + 1.
There was a problem hiding this comment.
(There's an extra space in your comment: "even contain"
There was a problem hiding this comment.
HeaderParseError seems right to me too, but maybe @bitdancer has a different opinion?
There was a problem hiding this comment.
Actually, the phrase "even contain RFC 2047 chrome (?=<charset>?q??=)" should probably be "even contain RFC 2047 chrome plus one character(?=<charset>?q?x?=)"
Lib/test/test_email/test_policy.py
Outdated
| def test_short_maxlen_error(self): | ||
| # RFC 2047 chrome takes up 7 characters, plus the length of the charset | ||
| # name, so folding should fail if maxlen is lower than the minimum | ||
| # required length for a line |
|
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated. Once you have made the requested changes, please leave a comment on this pull request containing the phrase |
|
Also @pganssle you may want to change the description, since the first point (The value being folded contains a single word (no spaces) longer than max_line_length) isn't true. |
|
Thanks for the reviews everyone. Just as an update, I am planning on making the requested changes soon, but I've just started a new job and I'm still working out some of the IP issues so I've been holding off on any non-trivial OSS work until that's sorted out. Shouldn't be too much longer. |
184072d to
aff66ad
Compare
|
I have made the requested changes; please review again |
|
Thanks for making the requested changes! @warsaw: please review the changes made to this pull request. |
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564
aff66ad to
01f7fb9
Compare
|
LGTM! @pganssle It is usually better to not force push and just keep adding more commits as your make changes your existing PR. It makes it a bit easy to remember what changes were made after the previous review, especially if it has been a while since last review :) |
|
When you're done making the requested changes, leave the comment: |
|
GH-14797 is a backport of this pull request to the 3.8 branch. |
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
|
GH-14798 is a backport of this pull request to the 3.7 branch. |
|
GH-14799 is a backport of this pull request to the 3.6 branch. |
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564 (cherry picked from commit f69d5c6) Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564
As far as I can tell, this infinite loop would be triggered if: 1. The value being folded contains a single word (no spaces) longer than max_line_length 2. The max_line_length is shorter than the encoding's name + 9 characters. bpo-36564: https://bugs.python.org/issue36564
As far as I can tell, this infinite loop would be triggered if:
max_line_length
characters.
bpo-36564: https://bugs.python.org/issue36564
https://bugs.python.org/issue36564