Commit 95884453 authored by Tres Seaver's avatar Tres Seaver

Prevent zlib-based DoS when parsing cookie containing paste tokens.

Fixes LP #1094049.
parent f560f5a0
...@@ -23,7 +23,7 @@ from urllib import quote ...@@ -23,7 +23,7 @@ from urllib import quote
from urllib import unquote from urllib import unquote
import warnings import warnings
from zlib import compress from zlib import compress
from zlib import decompress from zlib import decompressobj
import transaction import transaction
from AccessControl import ClassSecurityInfo from AccessControl import ClassSecurityInfo
...@@ -647,8 +647,12 @@ def absattr(attr): ...@@ -647,8 +647,12 @@ def absattr(attr):
def _cb_encode(d): def _cb_encode(d):
return quote(compress(dumps(d), 9)) return quote(compress(dumps(d), 9))
def _cb_decode(s): def _cb_decode(s, maxsize=8192):
return loads(decompress(unquote(s))) dec = decompressobj()
data = dec.decompress(unquote(s), maxsize)
if dec.unconsumed_tail:
raise ValueError
return loads(data)
def cookie_path(request): def cookie_path(request):
# Return a "path" value for use in a cookie that refers # Return a "path" value for use in a cookie that refers
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment