Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer

upon malformed POST request.
author: Charles-François Natali <neologix@free.fr> 2012-02-18 13:53:41 (GMT)
committer: Charles-François Natali <neologix@free.fr> 2012-02-18 13:53:41 (GMT)
commit: cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345 (patch)
tree: 270c805de948cee78b13fed5776abb9e0c0c4ad0 /Lib/xmlrpc/server.py
parent: ead1de2f0320fa80f717891fd3ae465172fcd96a (diff)
parent: ec1712a1662282c909b4cd4cc0c7486646bc9246 (diff)
download: cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.zip
cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.tar.gz
cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.tar.bz2
1 files changed, 4 insertions, 1 deletions
diff --git a/Lib/xmlrpc/server.py b/Lib/xmlrpc/server.py
index 72f3bfc..d7ed3f3 100644
--- a/Lib/xmlrpc/server.py
+++ b/Lib/xmlrpc/server.py
@@ -474,7 +474,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPRequestHandler):
             L = []
             while size_remaining:
                 chunk_size = min(size_remaining, max_chunk_size)
-                L.append(self.rfile.read(chunk_size))
+                chunk = self.rfile.read(chunk_size)
+                if not chunk:
+                    break
+                L.append(chunk)
                 size_remaining -= len(L[-1])
             data = b''.join(L)
author	Charles-François Natali <neologix@free.fr>	2012-02-18 13:53:41 (GMT)
committer	Charles-François Natali <neologix@free.fr>	2012-02-18 13:53:41 (GMT)
commit	cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345 (patch)
tree	270c805de948cee78b13fed5776abb9e0c0c4ad0 /Lib/xmlrpc/server.py
parent	ead1de2f0320fa80f717891fd3ae465172fcd96a (diff)
parent	ec1712a1662282c909b4cd4cc0c7486646bc9246 (diff)
download	cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.zip cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.tar.gz cpython-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.tar.bz2