Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer

upon malformed POST request.
2025-08-19 00:00:48 +00:00 · 2012-02-18 14:30:34 +01:00 · 2012-02-18 14:30:34 +01:00 · e062466480
commit e062466480
parent c39b552603 66f3cc6f8d
3 changed files with 13 additions and 1 deletions
--- a/Lib/test/test_xmlrpc.py
+++ b/Lib/test/test_xmlrpc.py
@ -589,6 +589,12 @@ class SimpleServerTestCase(BaseServerTestCase):
        # This avoids waiting for the socket timeout.
        self.test_simple1()

+    def test_partial_post(self):
+        # Check that a partial POST doesn't make the server loop: issue #14001.
+        conn = httplib.HTTPConnection(ADDR, PORT)
+        conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
+        conn.close()
+
 class MultiPathServerTestCase(BaseServerTestCase):
    threadFunc = staticmethod(http_multi_server)
    request_count = 2