New submission from Christian Heimes: This bug is similar to #16037 and a modified copy of #16038.
The nntplib module doesn't limit the amount of read data in its call to readline(). An erroneous or malicious news server can trick the nntplib module to consume large amounts of memory. Suggestion: The nntplib module should be modified to use limited readline() with _MAXLINE like the httplib module. ---------- components: Library (Lib) messages: 171243 nosy: christian.heimes priority: normal severity: normal status: open title: nntplib: unlimited readline() from connection type: resource usage versions: Python 2.7, Python 3.2, Python 3.3 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue16040> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com