[New-bugs-announce] [issue16039] imaplib: unlimited readline() from connection

Christian Heimes report at bugs.python.org
Tue Sep 25 12:36:10 CEST 2012

New submission from Christian Heimes:

This bug is similar to #16037 and a modified copy of #16038.

The imaplib module doesn't limit the amount of read data in its call to readline(). An erroneous or malicious IMAP server can trick the imaplib module to consume large amounts of memory.

The imaplib module should be modified to use limited readline() with _MAXLINE like the httplib module.

components: Library (Lib)
messages: 171242
nosy: christian.heimes
priority: normal
severity: normal
status: open
title: imaplib: unlimited readline() from connection
type: resource usage

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list