]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a183a11) | patch
[3.12] gh-119452: Fix a potential virtual memory allocation denial of service in... 3.12
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Mon, 15 Dec 2025 14:11:38 +0000 (15:11 +0100)
committerGitHub <noreply@github.com>
Mon, 15 Dec 2025 14:11:38 +0000 (15:11 +0100)
commitd849cf5fec76947865370a41baba8934c581cdb2
treed9f9eed7b4777e36a629e3d638b8758a056102ebtree | snapshot
parenta183a11db8bc2520c52814635de2df118d2d7e8ccommit | diff
[3.12] gh-119452: Fix a potential virtual memory allocation denial of service in http.server (GH-142216) (#142297)

[3.14] gh-119452: Fix a potential virtual memory allocation denial of service in http.server (GH-142216)

The CGI server on Windows could consume the amount of memory specified
in the Content-Length header of the request even if the client does not
send such much data. Now it reads the POST request body by chunks,
therefore the memory consumption is proportional to the amount of sent
data.
(cherry picked from commit 0e4f4f1a4633f2d215fb5a803cae278aeea31845)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Lib/http/server.py diff | blob | blame | history
Lib/test/test_httpservers.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git