gh-150479: reject CR and LF in email.utils.formataddr

[metsw24-max]

formataddr() passes CR and LF in the name or address straight into the
returned header string, so a crafted display name or address can inject
extra headers. headerregistry.Address already rejects these; do the same here.

• Issue: email.utils.formataddr does not reject CR and LF in address parts #150479

[python-cla-bot]

All commit authors signed the Contributor License Agreement.

[picnixz]

formataddr is meant to be the reverse of parseaddr which has a strict/non-strict form. I would suggest you to do the same, namely with a strict parameter. We should allow non-strict forms to be allowed, even with CR/LF.

On the other hand, it may be assumed that this is a GIGO case where formataddr should only be called on an RFC-compliant pair, not an arbitrary one.

Note: please update the docs to mention the change with a versionchanged directive.

@bitdancer what do you want to do for this one? I think it would make sense to retain some strictness as for the other helpers. This is the only helper that doesn't have a strict parameter.

[bedevere-app]

A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.

Once you have made the requested changes, please leave a comment on this pull request containing the phrase I have made the requested changes; please review again. I will then notify any core developers who have left a review that you're ready for them to take another look at this pull request.

And if you don't make the requested changes, you will be put in the comfy chair!

[metsw24-max]

@picnixz
Done. Added strict=True keyword-only parameter to formataddr(), mirroring parseaddr().
When strict=False, CR/LF validation is skipped. Docs updated with a .. versionchanged:: 3.16 directive.

[read-the-docs-community]

Documentation build overview

📚 cpython-previews | 🛠️ Build #32868880 | 📁 Comparing d51ab23 against main (776573c)

  🔍 Preview build  

3 files changed

± library/email.utils.html
± reference/compound_stmts.html
± whatsnew/changelog.html

[picnixz]

Are you using an LLM model?

[metsw24-max]

@picnixz
I used an LLM to assist with drafting the changes, but I reviewed and verified everything manually before submitting.

[picnixz]

Ok, but:

• Please sign the CLA.
• Read our policy on LLMs https://devguide.python.org/getting-started/ai-tools/index.html if it's not already done.
• Don't update the branch if the CI tests are not failing (CLA failures, news failures, and other failures not related to runtime also don't warrant a branch update). This was explained in https://devguide.python.org/getting-started/pull-request-lifecycle/#update-branch-button which should have been read first as well.