summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCharles-François Natali <neologix@free.fr>2012-02-18 13:30:34 (GMT)
committerCharles-François Natali <neologix@free.fr>2012-02-18 13:30:34 (GMT)
commite062466480c1aa8da6fa16532ec0252988f799ba (patch)
tree760f5801ea0cfbeb83c3df1bafb90d1bf64a9e39
parentc39b552603ef6a5f5c0e5a6d239a2f9021faffcc (diff)
parent66f3cc6f8de83c447d937160e4a1630c4482b5f5 (diff)
downloadcpython-e062466480c1aa8da6fa16532ec0252988f799ba.zip
cpython-e062466480c1aa8da6fa16532ec0252988f799ba.tar.gz
cpython-e062466480c1aa8da6fa16532ec0252988f799ba.tar.bz2
Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
upon malformed POST request.
Diffstat
-rw-r--r--Lib/SimpleXMLRPCServer.py5
-rw-r--r--Lib/test/test_xmlrpc.py6
-rw-r--r--Misc/NEWS3
3 files changed, 13 insertions, 1 deletions
diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py
index 4cdc154..4fefa5a 100644
--- a/Lib/SimpleXMLRPCServer.py
+++ b/Lib/SimpleXMLRPCServer.py
@@ -486,7 +486,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
L = []
while size_remaining:
chunk_size = min(size_remaining, max_chunk_size)
- L.append(self.rfile.read(chunk_size))
+ chunk = self.rfile.read(chunk_size)
+ if not chunk:
+ break
+ L.append(chunk)
size_remaining -= len(L[-1])
data = ''.join(L)
diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py
index c88a1ee..8e65fde 100644
--- a/Lib/test/test_xmlrpc.py
+++ b/Lib/test/test_xmlrpc.py
@@ -589,6 +589,12 @@ class SimpleServerTestCase(BaseServerTestCase):
# This avoids waiting for the socket timeout.
self.test_simple1()
+ def test_partial_post(self):
+ # Check that a partial POST doesn't make the server loop: issue #14001.
+ conn = httplib.HTTPConnection(ADDR, PORT)
+ conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
+ conn.close()
+
class MultiPathServerTestCase(BaseServerTestCase):
threadFunc = staticmethod(http_multi_server)
request_count = 2
diff --git a/Misc/NEWS b/Misc/NEWS
index 95e4b86..a02641f 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -93,6 +93,9 @@ Core and Builtins
Library
-------
+- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
+ SimpleXMLRPCServer upon malformed POST request.
+
- Issue #2489: pty.spawn could consume 100% cpu when it encountered an EOF.
- Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().
generated by cgit v0.12 at 2025-02-17 10:59:49 (GMT)