mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-15 06:10:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer

Browse source 
upon malformed POST request.
This commit is contained in:
Charles-François Natali 2012-02-18 14:15:38 +01:00
parent d358e0554b
commit 66f3cc6f8d
2 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Lib/SimpleXMLRPCServer.py
View file

@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
L = []
while size_remaining:
chunk_size = min(size_remaining, max_chunk_size)
L.append(self.rfile.read(chunk_size))
chunk = self.rfile.read(chunk_size)
if not chunk:
break
L.append(chunk)
size_remaining -= len(L[-1])
data = ''.join(L)