Description
Bug report
Bug description:
We have identified a series of simple quadratic complexity vulnerabilities. After confirmation by CPython's security team, since these DOS vulnerabilities pose a low threat and are relatively tedious to exploit, we can directly initiate requests in issues to seek assistance from the community for fixes.
Below are the specific locations of the different complexity issues we discovered.
1.
Line 290 in f49a07b
2.
Line 73 in 5ab66a8
3.
Line 1206 in 5ab66a8
4.
cpython/Lib/email/_header_value_parser.py
Line 1424 in 5ab66a8
5.
cpython/Lib/email/_header_value_parser.py
Line 1506 in 5ab66a8
6.
cpython/Lib/email/_header_value_parser.py
Line 1688 in 5ab66a8
7.
cpython/Lib/email/_header_value_parser.py
Line 1697 in 5ab66a8
8.
cpython/Lib/email/_header_value_parser.py
Line 1847 in 5ab66a8
9.
cpython/Lib/email/_header_value_parser.py
Line 2200 in 5ab66a8
10.
cpython/Lib/email/_header_value_parser.py
Line 2231 in 5ab66a8
11.
cpython/Lib/email/_header_value_parser.py
Line 2260 in 5ab66a8
12.
cpython/Lib/email/_header_value_parser.py
Line 2411 in 5ab66a8
13.
cpython/Lib/email/_header_value_parser.py
Line 2570 in 5ab66a8
14.
cpython/Lib/email/_header_value_parser.py
Line 2642 in 5ab66a8
15.
cpython/Lib/email/_header_value_parser.py
Line 2762 in 5ab66a8
16.
cpython/Lib/email/_header_value_parser.py
Line 2965 in 5ab66a8
17.
cpython/Tools/freeze/checkextensions.py
Line 72 in e64395e
18.
Line 403 in cb8a72b
19.
Line 1373 in 5ab66a8
20.
Line 1454 in 98a5b83
21.
Line 642 in 98a5b83
Current repair status:
03/19 has been fixed. @johnzhou721
1 has been fixed. @Wulian233
2/4/5/6/7/8/9/10/11/12/13/14/15/16 has been fixed. @picnixz
1/18 has been fixed. @serhiy-storchaka
CPython versions tested on:
CPython main branch
Operating systems tested on:
Linux
Credits
Finder is kexinoh (Xiangfan Wu) from QI-ANXIN Technology Research Institute.