Commit 671138f2 authored by Christian Heimes's avatar Christian Heimes

Issue #16037: Limit httplib's _read_status() function to work around broken

HTTP servers and reduce memory usage. It's actually a backport of a Python
3.2 fix. Thanks to Adrien Kunysz.
parent d41dc7ce
...@@ -362,7 +362,9 @@ class HTTPResponse: ...@@ -362,7 +362,9 @@ class HTTPResponse:
def _read_status(self): def _read_status(self):
# Initialize with Simple-Response defaults # Initialize with Simple-Response defaults
line = self.fp.readline() line = self.fp.readline(_MAXLINE + 1)
if len(line) > _MAXLINE:
raise LineTooLong("header line")
if self.debuglevel > 0: if self.debuglevel > 0:
print "reply:", repr(line) print "reply:", repr(line)
if not line: if not line:
......
...@@ -9,6 +9,10 @@ What's New in Python 2.7.4 ...@@ -9,6 +9,10 @@ What's New in Python 2.7.4
Core and Builtins Core and Builtins
----------------- -----------------
- Issue #16037: Limit httplib's _read_status() function to work around broken
HTTP servers and reduce memory usage. It's actually a backport of a Python
3.2 fix. Thanks to Adrien Kunysz.
- Issue #13992: The trashcan mechanism is now thread-safe. This eliminates - Issue #13992: The trashcan mechanism is now thread-safe. This eliminates
sporadic crashes in multi-thread programs when several long deallocator sporadic crashes in multi-thread programs when several long deallocator
chains ran concurrently and involved subclasses of built-in container chains ran concurrently and involved subclasses of built-in container
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment