[issue9129] DoS smtpd module vulnerability
Giampaolo Rodola'
report at bugs.python.org
Wed Jun 30 21:02:55 CEST 2010
Giampaolo Rodola' <g.rodola at gmail.com> added the comment:
It would be ideal to solve this issue in asyncore.py by fixing dispatcher.accept() once and for all, but I'm not sure whether this can be done in a fully retro-compatible way in terms of asyncore API.
Alternatively SMTPServer.handle_accept() can be fixed in the same way as pyftpdlib did:
http://code.google.com/p/pyftpdlib/source/browse/tags/release-0.5.2/pyftpdlib/ftpserver.py#622
def handle_accept(self)
try:
sock, addr = self.accept()
except TypeError:
# sometimes accept() might return None
return
except socket.error, err:
# ECONNABORTED might be thrown
if err[0] != errno.ECONNABORTED:
raise
return
else:
# sometimes addr == None instead of (ip, port)
if addr == None:
return
----------
nosy: +josiah.carlson
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue9129>
_______________________________________
More information about the Python-bugs-list
mailing list