Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer

author Charles-François Natali <neologix@free.fr>

Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)

committer Charles-François Natali <neologix@free.fr>

Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)
author Charles-François Natali <neologix@free.fr>
Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)
committer Charles-François Natali <neologix@free.fr>
Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)
diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py

index 6af2f2f7e0b5df75ca39756c60b4ebb4b0717807..23ad5bd670f4fd9a5acd3c281767fa440feeeb8c 100644 (file)
--- a/Lib/SimpleXMLRPCServer.py
+++ b/Lib/SimpleXMLRPCServer.py
@@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
              L = []
              while size_remaining:
                  chunk_size = min(size_remaining, max_chunk_size)
-                L.append(self.rfile.read(chunk_size))
+                chunk = self.rfile.read(chunk_size)
+                if not chunk:
+                    break
+                L.append(chunk)
                  size_remaining -= len(L[-1])
              data = ''.join(L)
  
diff --git a/Misc/NEWS b/Misc/NEWS

index 92e8197691da3ea75b932d3f4e7b73eceb2f93ea..20d39b66d1e51619e093115ba74e8496e9e47e38 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13,6 +13,9 @@ Core and Builtins
  Library
  -------
  
+- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
+  SimpleXMLRPCServer upon malformed POST request.
+
  - Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
    IV attack countermeasure.
author	Charles-François Natali <neologix@free.fr>
	Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)
committer	Charles-François Natali <neologix@free.fr>
	Sat, 18 Feb 2012 13:15:38 +0000 (14:15 +0100)
Lib/SimpleXMLRPCServer.py		patch \| blob \| history
Misc/NEWS		patch \| blob \| history