[go/release-branch.go1.24] [release-branch.go1.24] net/mail: avoid quadratic behavior in mail address parsing


Gopher Robot (Gerrit)

Oct 7, 2025, 2:00:39 PM
to Michael Pratt, Damien Neil, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Carlos Amedee, Go LUCI, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.24] net/mail: avoid quadratic behavior in mail address parsing

RFC 5322 domain-literal parsing built the dtext value one character
at a time with string concatenation, resulting in excessive
resource consumption when parsing very large domain-literal values.

Replace with a subslice.

Benchmark not included in this CL because it's too narrow to be
of general ongoing use, but for:

ParseAddress("alice@[" + strings.Repeat("a", 0x40000) + "]")

goos: darwin
goarch: arm64
pkg: net/mail
cpu: Apple M4 Pro
                │  /tmp/bench.0   │            /tmp/bench.1             │
                │     sec/op      │    sec/op     vs base               │
ParseAddress-14   1987.732m ± 9%     1.524m ± 5%  -99.92% (p=0.000 n=10)

                │   /tmp/bench.0   │             /tmp/bench.1             │
                │       B/op       │     B/op       vs base               │
ParseAddress-14   33692.767Mi ± 0%    1.282Mi ± 0%  -100.00% (p=0.000 n=10)

                │  /tmp/bench.0   │            /tmp/bench.1             │
                │    allocs/op    │  allocs/op    vs base               │
ParseAddress-14   263711.00 ± 0%      17.00 ± 0%  -99.99% (p=0.000 n=10)

Thanks to Philippe Antoine (Catena cyber) for reporting this issue.

Fixes CVE-2025-61725
For #75680
Fixes #75700
Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Reviewed-by: Roland Shoemaker <brac...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
Reviewed-by: Damien Neil <dn...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Reviewed-by: Carlos Amedee <car...@golang.org>
Files:
  • M src/net/mail/message.go
Change size: XS
Delta: 1 file changed, 4 insertions(+), 2 deletions(-)
Branch: refs/heads/release-branch.go1.24
Submit Requirements:
  • Code-Review (satisfied): +2 by Carlos Amedee
  • TryBots-Pass (satisfied): TryBot-Bypass+1 by Michael Pratt
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.24
Gerrit-Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Gerrit-Change-Number: 709835
Gerrit-PatchSet: 2
Gerrit-Owner: Michael Pratt <mpr...@google.com>
Gerrit-Reviewer: Carlos Amedee <car...@golang.org>
Gerrit-Reviewer: Gopher Robot <go...@golang.org>
Gerrit-Reviewer: Michael Pratt <mpr...@google.com>
Gerrit-CC: Damien Neil <dn...@google.com>

Gopher Robot (Gerrit)

Oct 7, 2025, 2:01:11 PM
to Michael Pratt, Damien Neil, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Carlos Amedee, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.25] net/mail: avoid quadratic behavior in mail address parsing


RFC 5322 domain-literal parsing built the dtext value one character
at a time with string concatenation, resulting in excessive
resource consumption when parsing very large domain-literal values.

Replace with a subslice.

Benchmark not included in this CL because it's too narrow to be
of general ongoing use, but for:

ParseAddress("alice@[" + strings.Repeat("a", 0x40000) + "]")

goos: darwin
goarch: arm64
pkg: net/mail
cpu: Apple M4 Pro
                │  /tmp/bench.0   │            /tmp/bench.1             │
                │     sec/op      │    sec/op     vs base               │
ParseAddress-14   1987.732m ± 9%     1.524m ± 5%  -99.92% (p=0.000 n=10)

                │   /tmp/bench.0   │             /tmp/bench.1             │
                │       B/op       │     B/op       vs base               │
ParseAddress-14   33692.767Mi ± 0%    1.282Mi ± 0%  -100.00% (p=0.000 n=10)

                │  /tmp/bench.0   │            /tmp/bench.1             │
                │    allocs/op    │  allocs/op    vs base               │
ParseAddress-14   263711.00 ± 0%      17.00 ± 0%  -99.99% (p=0.000 n=10)

Thanks to Philippe Antoine (Catena cyber) for reporting this issue.

Fixes CVE-2025-61725
For #75680
Fixes #75701
Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Reviewed-by: Roland Shoemaker <brac...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
Reviewed-by: Damien Neil <dn...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
Reviewed-by: Carlos Amedee <car...@golang.org>
Files:
  • M src/net/mail/message.go
Change size: XS
Delta: 1 file changed, 4 insertions(+), 2 deletions(-)
Branch: refs/heads/release-branch.go1.25
Submit Requirements:
  • Code-Review (satisfied): +2 by Carlos Amedee
  • TryBots-Pass (satisfied): TryBot-Bypass+1 by Michael Pratt
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.25
Gerrit-Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Gerrit-Change-Number: 709844

Gopher Robot (Gerrit)

Oct 7, 2025, 3:46:38 PM
to Michael Pratt, Damien Neil, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Carlos Amedee, Go LUCI, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
net/mail: avoid quadratic behavior in mail address parsing


RFC 5322 domain-literal parsing built the dtext value one character
at a time with string concatenation, resulting in excessive
resource consumption when parsing very large domain-literal values.

Replace with a subslice.

Benchmark not included in this CL because it's too narrow to be
of general ongoing use, but for:

ParseAddress("alice@[" + strings.Repeat("a", 0x40000) + "]")

goos: darwin
goarch: arm64
pkg: net/mail
cpu: Apple M4 Pro
                │  /tmp/bench.0   │            /tmp/bench.1             │
                │     sec/op      │    sec/op     vs base               │
ParseAddress-14   1987.732m ± 9%     1.524m ± 5%  -99.92% (p=0.000 n=10)

                │   /tmp/bench.0   │             /tmp/bench.1             │
                │       B/op       │     B/op       vs base               │
ParseAddress-14   33692.767Mi ± 0%    1.282Mi ± 0%  -100.00% (p=0.000 n=10)

                │  /tmp/bench.0   │            /tmp/bench.1             │
                │    allocs/op    │  allocs/op    vs base               │
ParseAddress-14   263711.00 ± 0%      17.00 ± 0%  -99.99% (p=0.000 n=10)

Thanks to Philippe Antoine (Catena cyber) for reporting this issue.

Fixes CVE-2025-61725
Fixes #75680
Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Reviewed-by: Roland Shoemaker <brac...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
Files:
  • M src/net/mail/message.go
Change size: XS
Delta: 1 file changed, 4 insertions(+), 2 deletions(-)
Branch: refs/heads/master
Submit Requirements:
  • Code-Review (satisfied): +2 by Carlos Amedee
  • TryBots-Pass (satisfied): LUCI-TryBot-Result-1 by Go LUCI, TryBot-Bypass+1 by Michael Pratt
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: master
Gerrit-Change-Id: Id971c2d5b59882bb476e22fceb7e01ec08234bb7
Gerrit-Change-Number: 709860
Gerrit-PatchSet: 2
Gerrit-Owner: Michael Pratt <mpr...@google.com>
Gerrit-Reviewer: Carlos Amedee <car...@golang.org>
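
A minimal model of the two strategies the commit messages above contrast, added here as an illustration; it is not the code from src/net/mail/message.go. The function names and the simplified isDtext check are assumptions, and allocs reports the same kind of figure as the allocs/op column in the benchmark.

```go
package main

import (
	"fmt"
	"strings"
	"testing"
)

// isDtext is a simplified RFC 5322 dtext check (assumption: printable ASCII
// except '[', ']' and '\'; obsolete and non-ASCII forms are ignored).
func isDtext(c byte) bool {
	return c >= 33 && c <= 126 && c != '[' && c != ']' && c != '\\'
}

// dtextConcat models the pattern the commit message describes: the value is
// grown one character at a time, so every step copies everything so far.
func dtextConcat(s string) (dtext, rest string) {
	for len(s) > 0 && isDtext(s[0]) {
		dtext += string(s[0])
		s = s[1:]
	}
	return dtext, s
}

// dtextSubslice finds the end of the dtext run first, then slices once.
func dtextSubslice(s string) (dtext, rest string) {
	i := 0
	for i < len(s) && isDtext(s[i]) {
		i++
	}
	return s[:i], s[i:]
}

// allocs reports average heap allocations per call of f on an n-byte body.
func allocs(f func(string) (string, string), n int) float64 {
	in := strings.Repeat("a", n) + "]" // constructed input, same shape as the benchmark's
	return testing.AllocsPerRun(5, func() { f(in) })
}

func main() {
	for _, n := range []int{1 << 10, 1 << 12, 1 << 14} {
		fmt.Printf("n=%d concat allocs=%.0f subslice allocs=%.0f\n",
			n, allocs(dtextConcat, n), allocs(dtextSubslice, n))
	}
}
```

Both functions return the same result; only the concatenating one allocates in proportion to the length of the attacker-controlled literal.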