From d7abc31bd554500342906685bde24e03966e561f Mon Sep 17 00:00:00 2001
From: "Gregory P. Smith"
Date: Mon, 20 Jan 2025 12:09:42 -0800
Subject: [PATCH] modernize the test, expand the NEWS entry.
---
 Lib/test/test_imaplib.py | 8 ++++----
 .../2024-05-24-21-00-52.gh-issue-119511.jKrXQ8.rst | 9 +++++++--
 2 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/Lib/test/test_imaplib.py b/Lib/test/test_imaplib.py
index e9ffeae990e7fb..a11920144e01fa 100644
--- a/Lib/test/test_imaplib.py
+++ b/Lib/test/test_imaplib.py
@@ -913,11 +913,11 @@ def handle(self):
 self._send_textline('* OK {%d}' % size)
 self._send_textline('IMAP4rev1')
- for w in range(15, 64):
- size = 1 << w
+ for exponent in range(15, 64):
+ size = 1 << exponent
 with self.reaped_server(BadHandler) as server:
- self.assertRaises(imaplib.IMAP4.abort,
- self.imap_class, *server.server_address)
+ with self.assertRaises(imaplib.IMAP4.abort):
+ self.imap_class(*server.server_address)
 @threading_helper.reap_threads
 def test_simple_with_statement(self):
diff --git a/Misc/NEWS.d/next/Security/2024-05-24-21-00-52.gh-issue-119511.jKrXQ8.rst b/Misc/NEWS.d/next/Security/2024-05-24-21-00-52.gh-issue-119511.jKrXQ8.rst
index d610a6938ae0c7..101eafaab789cb 100644
--- a/Misc/NEWS.d/next/Security/2024-05-24-21-00-52.gh-issue-119511.jKrXQ8.rst
+++ b/Misc/NEWS.d/next/Security/2024-05-24-21-00-52.gh-issue-119511.jKrXQ8.rst
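Review bot: The loop bound `range(15, 64)` is an undocumented magic range: the test asserts that every advertised literal size from `1 << 15` up to `1 << 63` makes the client raise `IMAP4.abort`, but nothing in the hunk says why 2**15 is the smallest size that must be refused, so a reader cannot tell whether the bound tracks a limit in imaplib or was chosen arbitrarily. A comment above the loop such as `# Advertised literal sizes from 2**15 to 2**63 must all be rejected with IMAP4.abort rather than allocated.` would make the intent explicit; if the lower bound mirrors a constant in imaplib, naming it there would be better still. Also worth noting is that `size` appears to be read by `BadHandler.handle` from the enclosing test method's scope (the `'* OK {%d}' % size` context line), so each assignment has to happen before that iteration's server is started — the current order does this, but a one-line `# read by BadHandler.handle via closure` on the `size = 1 << exponent` line would make the coupling visible. The enclosing test method starts outside the hunk.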
@@ -1,2 +1,7 @@
-Fix a vulnerability in the :mod:`imaplib` module, when connecting to a
-malicious server could cause an arbitrary amount of memory to be consumed.
+Fix a potential denial of service vulnerability in the :mod:`imaplib` module.
+When connecting to a malicious server, it could cause an arbitrary amount of
+memory to be allocated. On many systems this is harmless as unused virtual
+memory is only a mapping, but if this hit a virtual address size limit it could
+lead to a :exc:`MemoryError` or other process crash. On unusual systems or
+builds where all allocated memory is touched and backed by actual ram or
+storage it could've consumed resources doing so until similarly crashing.