From 66f3cc6f8de83c447d937160e4a1630c4482b5f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Fran=C3=A7ois=20Natali?= Date: Sat, 18 Feb 2012 14:15:38 +0100 Subject: [PATCH] Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon malformed POST request. --- Lib/SimpleXMLRPCServer.py | 5 ++++- Misc/NEWS | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py index 6af2f2f7e0b..23ad5bd670f 100644 --- a/Lib/SimpleXMLRPCServer.py +++ b/Lib/SimpleXMLRPCServer.py @@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): L = [] while size_remaining: chunk_size = min(size_remaining, max_chunk_size) - L.append(self.rfile.read(chunk_size)) + chunk = self.rfile.read(chunk_size) + if not chunk: + break + L.append(chunk) size_remaining -= len(L[-1]) data = ''.join(L) diff --git a/Misc/NEWS b/Misc/NEWS index 92e8197691d..20d39b66d1e 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -13,6 +13,9 @@ Core and Builtins Library ------- +- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in + SimpleXMLRPCServer upon malformed POST request. + - Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.