Fix Issue6791 - Limit the HTTP header readline with _MAXLENGTH. Patch by Antoine Pitrou

1 files changed, 27 insertions, 0 deletions

diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
index 426995b..7dae65d 100644
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py
@@ -317,6 +317,33 @@ class BasicTest(TestCase):
         self.assertEqual("Basic realm=\"example\"",
                          resp.getheader("www-authenticate"))
 
+    # Test lines overflowing the max line size (_MAXLINE in http.client)
+
+    def test_overflowing_status_line(self):
+        body = "HTTP/1.1 200 Ok" + "k" * 65536 + "\r\n"
+        resp = client.HTTPResponse(FakeSocket(body))
+        self.assertRaises((client.LineTooLong, client.BadStatusLine), resp.begin)
+
+    def test_overflowing_header_line(self):
+        body = (
+            'HTTP/1.1 200 OK\r\n'
+            'X-Foo: bar' + 'r' * 65536 + '\r\n\r\n'
+        )
+        resp = client.HTTPResponse(FakeSocket(body))
+        self.assertRaises(client.LineTooLong, resp.begin)
+
+    def test_overflowing_chunked_line(self):
+        body = (
+            'HTTP/1.1 200 OK\r\n'
+            'Transfer-Encoding: chunked\r\n\r\n'
+            + '0' * 65536 + 'a\r\n'
+            'hello world\r\n'
+            '0\r\n'
+        )
+        resp = client.HTTPResponse(FakeSocket(body))
+        resp.begin()
+        self.assertRaises(client.LineTooLong, resp.read)
+
 class OfflineTest(TestCase):
     def test_responses(self):
         self.assertEqual(client.responses[client.NOT_FOUND], "Not Found")