Message124010
Attached is a unit test which tests the issue.
Unfortunately, since it uses the resource module to limit memory to a workable size, it will only work on Unix.
The given patch appears to fix the issue well.
I think this should be taken as a security issue (even if a rather odd one) since a malicious http server could be set up in place of the normal one and crash any http python clients that connect to it.
Eg:
Run: dd if=/dev/zero bs=10M count=1000 | nc -l 8888
And then:
import httplib
h = httplib.HTTPConnection('localhost', 8888)
h.connect()
h.request('GET', '/')
r = h.getresponse()
This should cause python to use up all the memory available. |
|
Date |
User |
Action |
Args |
2010-12-15 09:46:18 | rosslagerwall | set | recipients:
+ rosslagerwall, orsenthil, vstinner, m.sucajtys, BreamoreBoy |
2010-12-15 09:46:18 | rosslagerwall | set | messageid: <1292406378.83.0.73114508743.issue6791@psf.upfronthosting.co.za> |
2010-12-15 09:46:16 | rosslagerwall | link | issue6791 messages |
2010-12-15 09:46:16 | rosslagerwall | create | |
|