➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2009-09-28 16:40 by Andrei Korostelev, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| httplib.python-2.5.diff | Andrei Korostelev, 2009-09-28 16:40 | Patch for Python-2.5 | ||
| httplib.python-2.6.2.diff | Andrei Korostelev, 2009-09-28 16:45 | Patch for Python-2.6.2 | ||
| httplib.python-3.1.1.diff | Andrei Korostelev, 2009-09-28 16:50 | Patch for Python-3.1.1 | ||
| Messages (5) | |||
|---|---|---|---|
| msg93215 - (view) | Author: Andrei Korostelev (Andrei Korostelev) | Date: 2009-09-28 16:40 | |
HTTPResponse._read_chunked cannot handle "slightly" ill-formed HTTP
response not ended with 0 chunk-size. I did not make an analysis what
type of webservers generate such responses, but one of them is bing.com
(former msn.com).
Example correct chunked http response:
HTTP/1.1 200 OK
Content-Type: text/plain
Transfer-Encoding: chunked
B
first chunk
A
last chunk
0
Example chunked http rsponse not ended with zero length:
HTTP/1.1 200 OK
Content-Type: text/plain
Transfer-Encoding: chunked
B
first chunk
A
last chunk
Suggested solution: when an empty line is met where a hexadecimal
chunk-size is expected, treat it as the end of HTTP response.
--- C:\Python25\Lib\httplib.py.orig 2008-02-12 20:48:24.000000000 +-0200
+++ C:\Python25\Lib\httplib.py.patched 2009-09-28 18:30:33.000000000 +-0200
@@ -542,12 +542,16 @@
while True:
if chunk_left is None:
line = self.fp.readline()
i = line.find(';')
if i >= 0:
line = line[:i] # strip chunk-extensions
+ # handle ill-formed response not ended with 0 chunk-size
+ line = line.strip()
+ if not line:
+ break
chunk_left = int(line, 16)
if chunk_left == 0:
break
if amt is None:
value += self._safe_read(chunk_left)
elif amt < chunk_left:
Attached patches for Python-2.5, Python-2.6 and Python-3.1.
|
|||
| msg93216 - (view) | Author: Andrei Korostelev (Andrei Korostelev) | Date: 2009-09-28 16:45 | |
Patch for Python-2.6 |
|||
| msg93218 - (view) | Author: Andrei Korostelev (Andrei Korostelev) | Date: 2009-09-28 16:50 | |
Added patch for python-3.1.1 |
|||
| msg112710 - (view) | Author: Terry J. Reedy (terry.reedy) *  |
Date: 2010-08-03 22:29 | |
When appropriate, patches should have new tests also. Patch looks simple, but I cannot review correctness or whether this could have a negative effect, like stopping too soon. This seems to be a rare need. |
|||
| msg131186 - (view) | Author: Florent Xicluna (flox) * |
Date: 2011-03-16 22:28 | |
Duplicate of #900744 |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:53 | admin | set | github: 51262 |
| 2011-03-16 22:28:12 | flox | set | status: open -> closed superseder: catch invalid chunk length in httplib read routine messages: + msg131186 nosy: terry.reedy, orsenthil, dstanek, flox, Andrei Korostelev resolution: duplicate |
| 2011-03-16 15:30:29 | flox | set | nosy:
+ flox |
| 2010-12-15 19:55:55 | pitrou | set | assignee: orsenthil nosy: + orsenthil |
| 2010-08-03 22:33:08 | dstanek | set | nosy:
+ dstanek |
| 2010-08-03 22:29:16 | terry.reedy | set | versions:
+ Python 2.7, Python 3.2, - Python 2.6, Python 2.5 nosy: + terry.reedy messages: + msg112710 stage: test needed |
| 2009-09-28 16:50:53 | Andrei Korostelev | set | files:
+ httplib.python-3.1.1.diff messages: + msg93218 |
| 2009-09-28 16:45:45 | Andrei Korostelev | set | files:
+ httplib.python-2.6.2.diff messages: + msg93216 |
| 2009-09-28 16:40:29 | Andrei Korostelev | create | |