mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-03 00:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Issue #10714: Limit length of incoming request in http.server to 65536 bytes

Browse source 
for security reasons.  Initial patch by Ross Lagerwall.
This commit is contained in:
Antoine Pitrou 2010-12-16 16:48:36 +00:00
parent 12de8ac215
commit c492437922
4 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Lib/http/server.py
View file

@ -358,7 +358,13 @@ class BaseHTTPRequestHandler(socketserver.StreamRequestHandler):
"""
try:
self.raw_requestline = self.rfile.readline()
self.raw_requestline = self.rfile.readline(65537)
if len(self.raw_requestline) > 65536:
self.requestline = ''
self.request_version = ''
self.command = ''
self.send_error(414)
return
if not self.raw_requestline:
self.close_connection = 1
return