From 057bc0704ab6d975e327c11cac204decfb478c4d Mon Sep 17 00:00:00 2001 From: Barry Warsaw Date: Tue, 29 Aug 2017 22:51:58 -0400 Subject: Squashed commit of the following: commit 3c6500c2292869f94667520f16c8d6c6f1d2c530 Author: Barry Warsaw Date: Tue Aug 29 22:51:18 2017 -0400 Close #383 Messages with badly encoded ``Subject`` headers no longer crash the message moderation REST API. commit f6040ec139bcccd48cfa9acc734cd528a8ede35c Author: Aurélien Bompard Date: Thu Jul 27 00:52:05 2017 +0200 Fix #383: email encoding errors can crash the REST API --- src/mailman/docs/NEWS.rst | 2 ++ src/mailman/rest/post_moderation.py | 2 +- src/mailman/rest/tests/test_moderation.py | 19 +++++++++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/mailman/docs/NEWS.rst b/src/mailman/docs/NEWS.rst index 328699371..a5e819c7a 100644 --- a/src/mailman/docs/NEWS.rst +++ b/src/mailman/docs/NEWS.rst @@ -24,6 +24,8 @@ Bugs * Various message holds and rejects that gave 'N/A' as a reason now give an appropriate reason. (Closes #368) * Bounce messages are now composed for proper translations. +* Messages with badly encoded ``Subject`` headers no longer crash the message + moderation REST API. (Closes #383) Command line ------------ diff --git a/src/mailman/rest/post_moderation.py b/src/mailman/rest/post_moderation.py index a747917de..b972bed53 100644 --- a/src/mailman/rest/post_moderation.py +++ b/src/mailman/rest/post_moderation.py @@ -95,7 +95,7 @@ class _HeldMessageBase(_ModerationBase): # Store the original header and then try decoding it. resource['original_subject'] = resource['subject'] # If we can't decode the header, leave the subject unchanged. - with suppress(LookupError, MessageError): + with suppress(LookupError, MessageError, UnicodeDecodeError): resource['subject'] = str( make_header(decode_header(resource['subject']))) # Also, held message resources will always be this type, so ignore diff --git a/src/mailman/rest/tests/test_moderation.py b/src/mailman/rest/tests/test_moderation.py index 0a9bb2608..4f6894ebb 100644 --- a/src/mailman/rest/tests/test_moderation.py +++ b/src/mailman/rest/tests/test_moderation.py @@ -144,6 +144,25 @@ Something else. dict(action='discard')) self.assertEqual(cm.exception.code, 404) + def test_subject_encoding_error(self): + # GL#383: messages with badly encoded Subject headers crash the REST + # server. + self._msg = mfs("""\ +From: anne@example.com +To: ant@example.com +Subject: =?GB2312?B?saa9o7fmtNPEpbVaQ2h1o6zDt7uoz+PX1L/guq7AtKGj?= +Message-ID: + +Something else. +""") + with transaction(): + held_id = hold_message(self._mlist, self._msg) + json, response = call_api( + 'http://localhost:9001/3.0/lists/ant@example.com/held') + self.assertEqual(response.status_code, 200) + self.assertEqual(json['total_size'], 1) + self.assertEqual(json['entries'][0]['request_id'], held_id) + class TestSubscriptionModeration(unittest.TestCase): layer = RESTLayer -- cgit v1.2.3-70-g09d2