Merged revisions 87373,87381 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k

BaseHTTPServer isn't fixed, this would require too much refactoring.

........
  r87373 | senthil.kumaran | 2010-12-18 17:55:23 +0100 (sam., 18 déc. 2010) | 3 lines

  Fix Issue6791 - Limit the HTTP header readline with _MAXLENGTH. Patch by Antoine Pitrou
........
  r87381 | antoine.pitrou | 2010-12-18 18:59:18 +0100 (sam., 18 déc. 2010) | 3 lines

  NEWS entry for r87373
........

diff --git a/Lib/httplib.py b/Lib/httplib.py
index e1ace4dfe0670e5635bc4038f564a874376096c0..5af0d029557ab166866ab0aea229b664ff790c1f 100644 (file)
--- a/Lib/httplib.py
+++ b/Lib/httplib.py
@@ -212,6 +212,9 @@ responses = {
 # maximal amount of data to read at one time in _safe_read
 MAXAMOUNT = 1048576
 
+# maximal line length when calling readline().
+_MAXLINE = 65536
+
 class HTTPMessage(mimetools.Message):
 
     def addheader(self, key, value):
@@ -274,7 +277,9 @@ class HTTPMessage(mimetools.Message):
                 except IOError:
                     startofline = tell = None
                     self.seekable = 0
-            line = self.fp.readline()
+            line = self.fp.readline(_MAXLINE + 1)
+            if len(line) > _MAXLINE:
+                raise LineTooLong("header line")
             if not line:
                 self.status = 'EOF in headers'
                 break
@@ -404,7 +409,10 @@ class HTTPResponse:
                 break
             # skip the header from the 100 response
             while True:
-                skip = self.fp.readline().strip()
+                skip = self.fp.readline(_MAXLINE + 1)
+                if len(skip) > _MAXLINE:
+                    raise LineTooLong("header line")
+                skip = skip.strip()
                 if not skip:
                     break
                 if self.debuglevel > 0:
@@ -563,7 +571,9 @@ class HTTPResponse:
         value = []
         while True:
             if chunk_left is None:
-                line = self.fp.readline()
+                line = self.fp.readline(_MAXLINE + 1)
+                if len(line) > _MAXLINE:
+                    raise LineTooLong("chunk size")
                 i = line.find(';')
                 if i >= 0:
                     line = line[:i] # strip chunk-extensions
@@ -598,7 +608,9 @@ class HTTPResponse:
         # read and discard trailer up to the CRLF terminator
         ### note: we shouldn't have any trailers!
         while True:
-            line = self.fp.readline()
+            line = self.fp.readline(_MAXLINE + 1)
+            if len(line) > _MAXLINE:
+                raise LineTooLong("trailer line")
             if not line:
                 # a vanishingly small number of sites EOF without
                 # sending the trailer
@@ -730,7 +742,9 @@ class HTTPConnection:
             raise socket.error("Tunnel connection failed: %d %s" % (code,
                                                                     message.strip()))
         while True:
-            line = response.fp.readline()
+            line = response.fp.readline(_MAXLINE + 1)
+            if len(line) > _MAXLINE:
+                raise LineTooLong("header line")
             if line == '\r\n': break
 
 
@@ -1233,6 +1247,11 @@ class BadStatusLine(HTTPException):
         self.args = line,
         self.line = line
 
+class LineTooLong(HTTPException):
+    def __init__(self, line_type):
+        HTTPException.__init__(self, "got more than %d bytes when reading %s"
+                                     % (_MAXLINE, line_type))
+
 # for backwards compatibility
 error = HTTPException
 

diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
index bb6d3cf42f3f76b9aa56dfb3653a1f157ea7f410..2708728e801bd3f39f800895bec7ecc19d11cac5 100644 (file)
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py
@@ -319,6 +319,35 @@ class BasicTest(TestCase):
         self.assertTrue(hasattr(resp,'fileno'),
                 'HTTPResponse should expose a fileno attribute')
 
+    # Test lines overflowing the max line size (_MAXLINE in http.client)
+
+    def test_overflowing_status_line(self):
+        self.skipTest("disabled for HTTP 0.9 support")
+        body = "HTTP/1.1 200 Ok" + "k" * 65536 + "\r\n"
+        resp = httplib.HTTPResponse(FakeSocket(body))
+        self.assertRaises((httplib.LineTooLong, httplib.BadStatusLine), resp.begin)
+
+    def test_overflowing_header_line(self):
+        body = (
+            'HTTP/1.1 200 OK\r\n'
+            'X-Foo: bar' + 'r' * 65536 + '\r\n\r\n'
+        )
+        resp = httplib.HTTPResponse(FakeSocket(body))
+        self.assertRaises(httplib.LineTooLong, resp.begin)
+
+    def test_overflowing_chunked_line(self):
+        body = (
+            'HTTP/1.1 200 OK\r\n'
+            'Transfer-Encoding: chunked\r\n\r\n'
+            + '0' * 65536 + 'a\r\n'
+            'hello world\r\n'
+            '0\r\n'
+        )
+        resp = httplib.HTTPResponse(FakeSocket(body))
+        resp.begin()
+        self.assertRaises(httplib.LineTooLong, resp.read)
+
+
 class OfflineTest(TestCase):
     def test_responses(self):
         self.assertEqual(httplib.responses[httplib.NOT_FOUND], "Not Found")

diff --git a/Misc/NEWS b/Misc/NEWS
index f3355af3aceb87677402d096f5441f7f90621de6..19d6c418e8b469be7ecb88987b7e48352eccd3d0 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -22,6 +22,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #6791: Limit header line length (to 65535 bytes) in http.client,
+  to avoid denial of services from the other party.
+
 - Issue #10404: Use ctl-button-1 on OSX for the context menu in Idle.
 
 - Issue #9907: Fix tab handling on OSX when using editline by calling