Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer

upon malformed POST request.
2025-12-04 00:30:19 +00:00 · 2012-02-18 14:53:41 +01:00 · 2012-02-18 14:53:41 +01:00 · cd96b4f1ff
commit cd96b4f1ff
parent ead1de2f03 ec1712a166
3 changed files with 15 additions and 7 deletions
--- a/Lib/xmlrpc/server.py
+++ b/Lib/xmlrpc/server.py
@ -474,7 +474,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPRequestHandler):
            L = []
            while size_remaining:
                chunk_size = min(size_remaining, max_chunk_size)
-                L.append(self.rfile.read(chunk_size))
+                chunk = self.rfile.read(chunk_size)
+                if not chunk:
+                    break
+                L.append(chunk)
                size_remaining -= len(L[-1])
            data = b''.join(L)