Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon malformed POST request.

commit: ec1712a1662282c909b4cd4cc0c7486646bc9246 [log] [tgz]
author: Charles-François Natali <neologix@free.fr> Sat Feb 18 14:42:57 2012 +0100
committer: Charles-François Natali <neologix@free.fr> Sat Feb 18 14:42:57 2012 +0100
tree: 772508e22ec0530c9d469ff7e21be244beebffea
parent: 2f7b286a8ce74fbfaa8d2170d457308c6a62e870 [diff] [blame]
diff --git a/Lib/xmlrpc/server.py b/Lib/xmlrpc/server.py
index 24d8a6a..93df561 100644
--- a/Lib/xmlrpc/server.py
+++ b/Lib/xmlrpc/server.py

@@ -449,7 +449,10 @@
             L = []
             while size_remaining:
                 chunk_size = min(size_remaining, max_chunk_size)
-                L.append(self.rfile.read(chunk_size))
+                chunk = self.rfile.read(chunk_size)
+                if not chunk:
+                    break
+                L.append(chunk)
                 size_remaining -= len(L[-1])
             data = b''.join(L)
commit	ec1712a1662282c909b4cd4cc0c7486646bc9246	[log] [tgz]
author	Charles-François Natali <neologix@free.fr>	Sat Feb 18 14:42:57 2012 +0100
committer	Charles-François Natali <neologix@free.fr>	Sat Feb 18 14:42:57 2012 +0100
tree	772508e22ec0530c9d469ff7e21be244beebffea
parent	2f7b286a8ce74fbfaa8d2170d457308c6a62e870 [diff] [blame]