From: daftshady <daftonshady@gmail.com>
Date: Sun, 15 May 2016 14:01:17 +0000 (+0900)
Subject: Handle invalid content-length
X-Git-Tag: v4.4.0b1~15^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8d9a84c548ef7b0941b76f4c58222a3f40085f9;p=thirdparty%2Ftornado.git

Handle invalid content-length
---

diff --git a/tornado/http1connection.py b/tornado/http1connection.py
index 8194f9143..43034c6b5 100644
--- a/tornado/http1connection.py
+++ b/tornado/http1connection.py
@@ -540,7 +540,13 @@ class HTTP1Connection(httputil.HTTPConnection):
                         "Multiple unequal Content-Lengths: %r" %
                         headers["Content-Length"])
                 headers["Content-Length"] = pieces[0]
-            content_length = int(headers["Content-Length"])
+
+            try:
+                content_length = int(headers["Content-Length"])
+            except ValueError:
+                # Handles non-integer Content-Length value.
+                raise httputil.HTTPInputError(
+                    "Only integer Content-Length is allowed: %s" % headers["Content-Length"])
 
             if content_length > self._max_body_size:
                 raise httputil.HTTPInputError("Content-Length too long")