Message 233661 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	martin.panter
Recipients	Arfrever, christian.heimes, eric.araujo, martin.panter, nadeem.vawda, nikratio, pitrou, serhiy.storchaka, vstinner
Date	2015-01-08.14:38:35
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1420727917.23.0.932195199195.issue15955@psf.upfronthosting.co.za>
In-reply-to

Content
It turns out that GzipFile.read(<size>) etc is also susceptible to decompression bombing. Here is a patch to test and fix that, making use of the existing “max_length” parameter in the “zlib” module.

It turns out that GzipFile.read(<size>) etc is also susceptible to decompression bombing. Here is a patch to test and fix that, making use of the existing “max_length” parameter in the “zlib” module.

History
Date	User	Action	Args
2015-01-08 14:38:37	martin.panter	set	recipients: + martin.panter, pitrou, vstinner, christian.heimes, nadeem.vawda, eric.araujo, Arfrever, nikratio, serhiy.storchaka
2015-01-08 14:38:37	martin.panter	set	messageid: <1420727917.23.0.932195199195.issue15955@psf.upfronthosting.co.za>
2015-01-08 14:38:37	martin.panter	link	issue15955 messages
2015-01-08 14:38:37	martin.panter	create