diff options
author | Senthil Kumaran <senthil@uthcode.com> | 2014-09-17 08:29:29 (GMT) |
---|---|---|
committer | Senthil Kumaran <senthil@uthcode.com> | 2014-09-17 08:29:29 (GMT) |
commit | e025b52db0651081eb08978efa850269c8282073 (patch) | |
tree | b7d3c25d7f1a48f0476a9f1465212007467f542f /Lib/wsgiref/simple_server.py | |
parent | 2a42a0bff36129fc9aec06b20e67747cfcc85230 (diff) | |
download | cpython-e025b52db0651081eb08978efa850269c8282073.zip cpython-e025b52db0651081eb08978efa850269c8282073.tar.gz cpython-e025b52db0651081eb08978efa850269c8282073.tar.bz2 |
Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536 bytes.
Diffstat (limited to 'Lib/wsgiref/simple_server.py')
-rw-r--r-- | Lib/wsgiref/simple_server.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/Lib/wsgiref/simple_server.py b/Lib/wsgiref/simple_server.py index cd9751a..378b316 100644 --- a/Lib/wsgiref/simple_server.py +++ b/Lib/wsgiref/simple_server.py @@ -115,7 +115,14 @@ class WSGIRequestHandler(BaseHTTPRequestHandler): def handle(self): """Handle a single HTTP request""" - self.raw_requestline = self.rfile.readline() + self.raw_requestline = self.rfile.readline(65537) + if len(self.raw_requestline) > 65536: + self.requestline = '' + self.request_version = '' + self.command = '' + self.send_error(414) + return + if not self.parse_request(): # An error code has been sent, just exit return |