]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d4fa707) | patch
gh-119451: Fix a potential denial of service in http.client (GH-119454)
authorSerhiy Storchaka <storchaka@gmail.com>
Mon, 1 Dec 2025 15:26:07 +0000 (17:26 +0200)
committerGitHub <noreply@github.com>
Mon, 1 Dec 2025 15:26:07 +0000 (17:26 +0200)
commit5a4c4a033a4a54481be6870aa1896fad732555b5
tree9a41b8fa7d1234acb33727e4b0382fde7c9ee0edtree | snapshot
parentd4fa70706c95a5eec4cca340c6232c92168f6cffcommit | diff
gh-119451: Fix a potential denial of service in http.client (GH-119454)

Reading the whole body of the HTTP response could cause OOM if
the Content-Length value is too large even if the server does not send
a large amount of data. Now the HTTP client reads large data by chunks,
therefore the amount of consumed memory is proportional to the amount
of sent data.
Lib/http/client.py diff | blob | blame | history
Lib/test/test_httplib.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git