Matej Cepl
de8c3896ee
- Renamed patch for assigned CVE:
* bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
(boo#1189241, CVE-2021-3737)
OBS-URL: https://build.opensuse.org/request/show/914418
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=299
27 lines
1.1 KiB
Diff
27 lines
1.1 KiB
Diff
--- a/Lib/httplib.py
|
|
+++ b/Lib/httplib.py
|
|
@@ -449,6 +449,7 @@ class HTTPResponse:
|
|
if status != CONTINUE:
|
|
break
|
|
# skip the header from the 100 response
|
|
+ header_count = 0
|
|
while True:
|
|
skip = self.fp.readline(_MAXLINE + 1)
|
|
if len(skip) > _MAXLINE:
|
|
@@ -458,6 +459,10 @@ class HTTPResponse:
|
|
break
|
|
if self.debuglevel > 0:
|
|
print "header:", skip
|
|
+ # CVE-2021-3737: Fix infinitely reading potential HTTP headers on a 100 Continue status response from the server
|
|
+ header_count += 1
|
|
+ if header_count > _MAXHEADERS:
|
|
+ raise HTTPException("got more than %d headers" % _MAXHEADERS)
|
|
|
|
self.status = status
|
|
self.reason = reason.strip()
|
|
--- /dev/null
|
|
+++ b/Misc/NEWS.d/next/Security/2021-05-05-17-37-04.bpo-44022.bS3XJ9.rst
|
|
@@ -0,0 +1,2 @@
|
|
+mod:`http.client` now avoids infinitely reading potential HTTP headers after a
|
|
+``100 Continue`` status response from the server.
|