Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536 bytes.

This commit is contained in:
Senthil Kumaran 2014-09-17 16:29:29 +08:00
parent 2a42a0bff3
commit e025b52db0
4 changed files with 18 additions and 1 deletions


@ -118,6 +118,11 @@ class IntegrationTests(TestCase):
out, err = run_amock() out, err = run_amock()
self.check_hello(out) self.check_hello(out)
def test_request_length(self):
out, err = run_amock(data=b"GET " + (b"x" * 65537) + b" HTTP/1.0\n\n")
self.assertEqual(out.splitlines()[0],
b"HTTP/1.0 414 Request-URI Too Long")
def test_validated_hello(self): def test_validated_hello(self):
out, err = run_amock(validator(hello_app)) out, err = run_amock(validator(hello_app))
# the middleware doesn't support len(), so content-length isn't there # the middleware doesn't support len(), so content-length isn't there
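Review bot: test_request_length pins only the over-limit side of the new guard; nothing checks that a request line of exactly 65536 bytes (the documented limit) still gets through, so the off-by-one between readline(65537) and the `> 65536` comparison in the handler is untested. A companion assertion would close that gap, e.g. `out, err = run_amock(data=b"GET " + (b"x" * (65536 - 14)) + b" HTTP/1.0\n\n")` followed by `self.assertNotEqual(out.splitlines()[0], b"HTTP/1.0 414 Request-URI Too Long")`, where 14 is the length of `b"GET "` plus `b" HTTP/1.0\n"` so the whole line including the newline is 65536 bytes. This assumes hello_app does not reject a long path for another reason; if it does, a status-line check against 414 alone is still enough to pin the boundary.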


@ -115,7 +115,14 @@ class WSGIRequestHandler(BaseHTTPRequestHandler):
def handle(self): def handle(self):
"""Handle a single HTTP request""" """Handle a single HTTP request"""
self.raw_requestline = self.rfile.readline() self.raw_requestline = self.rfile.readline(65537)
if len(self.raw_requestline) > 65536:
self.requestline = ''
self.request_version = ''
self.command = ''
self.send_error(414)
return
if not self.parse_request(): # An error code has been sent, just exit if not self.parse_request(): # An error code has been sent, just exit
return return
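Review bot: The new guard in handle() uses two unexplained constants (65537 on the readline line, 65536 in the length check) and three empty-string assignments before send_error(414) with no comment saying why either is needed, which is exactly the kind of line a later maintainer "simplifies" into a real bug. I would add above the readline: `# Read one byte past the 64 KiB limit so an over-long request line is detected without buffering it unbounded; this appears to mirror the same guard in http.server.BaseHTTPRequestHandler.` and above the assignments: `# send_error() reaches send_response()/log_request(), which read these attributes before parse_request() has had a chance to set them.` Hoisting 65536 into a module-level constant (with the read size expressed as that constant plus one) would also keep the two numbers from drifting apart. As far as I can tell this bounds the request line only; header lines rely on the separate limits enforced inside parse_request(), so the comment should not claim more than that. handle() continues past the end of this hunk.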


@ -251,6 +251,7 @@ Denver Coneybeare
Phil Connell Phil Connell
Juan José Conti Juan José Conti
Matt Conway Matt Conway
Devin Cook
David M. Cooke David M. Cooke
Jason R. Coombs Jason R. Coombs
Garrett Cooper Garrett Cooper


@ -13,6 +13,10 @@ Core and Builtins
Library Library
------- -------
- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
65536 bytes and send a 414 error code for higher lengths. Patch contributed
by Devin Cook.
- Lax cookie parsing in http.cookies could be a security issue when combined - Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers. Reported by with non-standard cookie handling in some Web browsers. Reported by
Sergey Bobrov. Sergey Bobrov.