Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
python3-base.35637
CVE-2021-3737-infinite-loop-on-100-Continue.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-3737-infinite-loop-on-100-Continue.patch of Package python3-base.35637
--- Lib/http/client.py | 5 +++++ 1 file changed, 5 insertions(+) --- a/Lib/http/client.py +++ b/Lib/http/client.py @@ -411,6 +411,7 @@ class HTTPResponse(io.RawIOBase): if status != CONTINUE: break # skip the header from the 100 response + header_count = 0 while True: skip = self.fp.readline(_MAXLINE + 1) if len(skip) > _MAXLINE: @@ -420,6 +421,10 @@ class HTTPResponse(io.RawIOBase): break if self.debuglevel > 0: print("header:", skip) + # bpo-44022: Fix http client infinite line reading (DoS) after a http 100 + header_count += 1 + if header_count > _MAXHEADERS: + raise HTTPException("got more than %d headers" % _MAXHEADERS) self.code = self.status = status self.reason = reason.strip()
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor