Issue #16037: Limit httplib's _read_status() function to work around broken

HTTP servers and reduce memory usage. It's actually a backport of a Python 3.2 fix. Thanks to Adrien Kunysz.
author: Christian Heimes <christian@cheimes.de> 2012-09-25 13:29:30 +0200
committer: Christian Heimes <christian@cheimes.de> 2012-09-25 13:29:30 +0200
commit: 671138f27dcdc3d259e85f7603acf01a46a44515 (patch)
tree: 42d56b81249c0287a8742c3acad23c0da74f2dac /Lib/httplib.py
parent: d41dc7ce468edda4172c228dae949a477d8ab03d (diff)
download: cpython-git-671138f27dcdc3d259e85f7603acf01a46a44515.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/Lib/httplib.py b/Lib/httplib.py
index 98296dc3c5..4c8b0fe209 100644
--- a/Lib/httplib.py
+++ b/Lib/httplib.py
@@ -362,7 +362,9 @@ class HTTPResponse:
 
     def _read_status(self):
         # Initialize with Simple-Response defaults
-        line = self.fp.readline()
+        line = self.fp.readline(_MAXLINE + 1)
+        if len(line) > _MAXLINE:
+            raise LineTooLong("header line")
         if self.debuglevel > 0:
             print "reply:", repr(line)
         if not line:
author	Christian Heimes <christian@cheimes.de>	2012-09-25 13:29:30 +0200
committer	Christian Heimes <christian@cheimes.de>	2012-09-25 13:29:30 +0200
commit	671138f27dcdc3d259e85f7603acf01a46a44515 (patch)
tree	42d56b81249c0287a8742c3acad23c0da74f2dac /Lib/httplib.py
parent	d41dc7ce468edda4172c228dae949a477d8ab03d (diff)
download	cpython-git-671138f27dcdc3d259e85f7603acf01a46a44515.tar.gz