git.ipfire.org Git - thirdparty/Python/cpython.git/commit

]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit

projects / thirdparty / Python / cpython.git / commit

author	Serhiy Storchaka <storchaka@gmail.com>
	Fri, 5 Dec 2025 14:20:23 +0000 (16:20 +0200)
committer	GitHub <noreply@github.com>
	Fri, 5 Dec 2025 14:20:23 +0000 (16:20 +0200)
commit	0e4f4f1a4633f2d215fb5a803cae278aeea31845
tree	25f49030dd964c0c17ee754ea745707165f028a5	tree \| snapshot
parent	f130b06da30616dd4dae363c7d8af79b540a7971	commit \| diff

[3.14] gh-119452: Fix a potential virtual memory allocation denial of service in http.server (GH-142216)

The CGI server on Windows could consume the amount of memory specified
in the Content-Length header of the request even if the client does not
send such much data. Now it reads the POST request body by chunks,
therefore the memory consumption is proportional to the amount of sent
data.

Lib/http/server.py		diff \| blob \| blame \| history
Lib/test/test_httpservers.py		diff \| blob \| blame \| history
Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst	[new file with mode: 0644]	blob

Mirror of https://github.com/python/cpython.git

RSS Atom