Hey,
I was doing some fuzzing and I found out that the idna.decode() method can raise a UnicodeDecodeError leading to a crash of the running program.
This could be problematic if users of the library are dealing with untrusted data since this issue will lead to a DoS. This should be detected and an idna.IDNAError should be triggered as detailed in the Readme Exception section.
Reproduction
import idna
idna.decode(b'\x8d\xd2')
Traceback
python3 replay_crash.py
Traceback (most recent call last):
  File "replay_crash.py", line 3, in <module>
    idna.decode(b'\x8d\xd2')
  File "/home/scop/.local/lib/python3.8/site-packages/idna/core.py", line 387, in decode
    s = s.decode('ascii')
UnicodeDecodeError: 'ascii' codec can't decode byte 0x8d in position 0: ordinal not in range(128)
Happy to help if you have any questions ;)
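A regression check for the exception contract described in the report, as an added example that is not part of the original post or of the idna project's code. `decode_unpatched`, `decode_patched`, `contract_violations`, `safe_decode`, the local `IDNAError` class and the corpus are constructed stand-ins, so the block runs without the library installed.

```python
class IDNAError(UnicodeError):
    """Local stand-in for idna.IDNAError, which also derives from UnicodeError."""

def decode_unpatched(s):
    # Constructed stand-in for the step at core.py line 387 in the traceback.
    if isinstance(s, (bytes, bytearray)):
        s = s.decode('ascii')  # UnicodeDecodeError for any byte >= 0x80
    return s

def decode_patched(s):
    # Same step, with the codec error translated into the documented exception.
    if isinstance(s, (bytes, bytearray)):
        try:
            s = s.decode('ascii')
        except UnicodeDecodeError as exc:
            raise IDNAError('input is not valid ASCII') from exc
    return s

def contract_violations(decoder, corpus, allowed=IDNAError):
    """Map each input to the name of any exception other than `allowed` that escapes."""
    leaked = {}
    for sample in corpus:
        try:
            decoder(sample)
        except allowed:
            pass                      # documented failure mode
        except Exception as exc:      # anything else breaks the contract
            leaked[sample] = type(exc).__name__
    return leaked

def safe_decode(decoder, raw):
    """Caller-side guard for untrusted input: None instead of an unhandled exception."""
    try:
        return decoder(raw)
    except UnicodeError:  # parent of both IDNAError and UnicodeDecodeError
        return None

# Constructed corpus: two well-formed inputs, the reproducer from the report,
# and two more byte strings containing non-ASCII bytes.
CORPUS = [b'example.com', b'xn--nxasmq6b', b'\x8d\xd2', b'\xff', b'a\x80b']

if __name__ == '__main__':
    print('unpatched:', contract_violations(decode_unpatched, CORPUS))
    print('patched:  ', contract_violations(decode_patched, CORPUS))
    print('guarded:  ', safe_decode(decode_unpatched, b'\x8d\xd2'))
```

To run the same check against an installed copy of the library, call `contract_violations(idna.decode, CORPUS, allowed=idna.IDNAError)`.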