You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was doing some fuzzing and I found out that the idna.decode() method can raise a UnicodeDecodeError leading to a crash of the running program.
This could be problematic if users of the library are dealing with untrusted data since this issue will lead to a DoS. This should be detected and an idna.IDNAError should be triggered as detailed in the Readme Exception section.
Reproduction
importidnaidna.decode(b'\x8d\xd2')
Traceback
python3 replay_crash.py
Traceback (most recent call last):
File "replay_crash.py", line 3, in<module>
idna.decode(b'\x8d\xd2')
File "/home/scop/.local/lib/python3.8/site-packages/idna/core.py", line 387, in decode
s = s.decode('ascii')
UnicodeDecodeError: 'ascii' codec can't decode byte 0x8d in position 0: ordinal not in range(128)