-
-
Notifications
You must be signed in to change notification settings - Fork 34.6k
Out-of-memory when reading a HTTP response with large Content-Length #119451
Copy link
Copy link
Open
Labels
3.10only security fixesonly security fixes3.11only security fixesonly security fixes3.12only security fixesonly security fixes3.13bugs and security fixesbugs and security fixes3.14bugs and security fixesbugs and security fixes3.15pre-release feature fixes, bugs and security fixespre-release feature fixes, bugs and security fixesstdlibStandard Library Python modules in the Lib/ directoryStandard Library Python modules in the Lib/ directorytopic-IOtype-securityA security issueA security issue
Description
Metadata
Metadata
Assignees
Labels
3.10only security fixesonly security fixes3.11only security fixesonly security fixes3.12only security fixesonly security fixes3.13bugs and security fixesbugs and security fixes3.14bugs and security fixesbugs and security fixes3.15pre-release feature fixes, bugs and security fixespre-release feature fixes, bugs and security fixesstdlibStandard Library Python modules in the Lib/ directoryStandard Library Python modules in the Lib/ directorytopic-IOtype-securityA security issueA security issue
http.client.HTTPResponse.read()(without argument) consumes the amount of memory specified by the value of theContent-Lenghtheader in the response before starting receiving the data from the socket. Normally, if the server does not send enough data, the client getsIncompleteReaderror, but ifContent-Lenghtis too large, it can consume a large amount of memory and CPU time and cause swapping. Therefore, a maleficent server can cause a DOS attack on client by sending a small response.Linked PRs