Issue #15633: httplib.HTTPResponse is now mark closed when the server sends less...

diff --git a/Lib/http/client.py b/Lib/http/client.py
index 4d93b93ff012d460b9ebab87ad13d17e23dbb1fe..36528dacba7abad17b35315b71d5d3b8ff3f988f 100644 (file)
--- a/Lib/http/client.py
+++ b/Lib/http/client.py
@@ -493,7 +493,11 @@ class HTTPResponse(io.RawIOBase):
             if self.length is None:
                 s = self.fp.read()
             else:
-                s = self._safe_read(self.length)
+                try:
+                    s = self._safe_read(self.length)
+                except IncompleteRead:
+                    self.close()
+                    raise
                 self.length = 0
             self.close()        # we read everything
             return s
@@ -507,6 +511,10 @@ class HTTPResponse(io.RawIOBase):
         # connection, and the user is reading more bytes than will be provided
         # (for example, reading in 1k chunks)
         s = self.fp.read(amt)
+        if not s:
+            # Ideally, we would raise IncompleteRead if the content-length
+            # wasn't satisfied, but it might break compatibility.
+            self.close()
         if self.length is not None:
             self.length -= len(s)
             if not self.length:

diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
index b0777d42867c4f88dd644f17f61c43f0a5dc9150..5df4b512041cf3723ca37e36c00e3192d2eade3e 100644 (file)
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py
@@ -199,6 +199,19 @@ class BasicTest(TestCase):
         self.assertEqual(resp.read(1), b'')
         self.assertTrue(resp.isclosed())
 
+    def test_partial_reads_incomplete_body(self):
+        # if the server shuts down the connection before the whole
+        # content-length is delivered, the socket is gracefully closed
+        body = "HTTP/1.1 200 Ok\r\nContent-Length: 10\r\n\r\nText"
+        sock = FakeSocket(body)
+        resp = client.HTTPResponse(sock)
+        resp.begin()
+        self.assertEqual(resp.read(2), b'Te')
+        self.assertFalse(resp.isclosed())
+        self.assertEqual(resp.read(2), b'xt')
+        self.assertEqual(resp.read(1), b'')
+        self.assertTrue(resp.isclosed())
+
     def test_host_port(self):
         # Check invalid host_port
 
@@ -349,7 +362,7 @@ class BasicTest(TestCase):
         resp = client.HTTPResponse(sock, method="GET")
         resp.begin()
         self.assertEqual(resp.read(), b'Hello\r\n')
-        resp.close()
+        self.assertTrue(resp.isclosed())
 
     def test_incomplete_read(self):
         sock = FakeSocket('HTTP/1.1 200 OK\r\nContent-Length: 10\r\n\r\nHello\r\n')
@@ -363,10 +376,9 @@ class BasicTest(TestCase):
                              "IncompleteRead(7 bytes read, 3 more expected)")
             self.assertEqual(str(i),
                              "IncompleteRead(7 bytes read, 3 more expected)")
+            self.assertTrue(resp.isclosed())
         else:
             self.fail('IncompleteRead expected')
-        finally:
-            resp.close()
 
     def test_epipe(self):
         sock = EPipeSocket(

diff --git a/Misc/NEWS b/Misc/NEWS
index 420056ed3ab28b2c245f98e521e96a598c113047..d23ab200a0234959f424e0f960b82d461a67559b 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -212,6 +212,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #15633: httplib.HTTPResponse is now mark closed when the server
+  sends less than the advertised Content-Length.
+
 - Issue #6972: The zipfile module no longer overwrites files outside of
   its destination path when extracting malicious zip files.