Author rosslagerwall
Recipients rosslagerwall
Date 2010-12-16.04:48:09
SpamBayes Score 0.00207023
Marked as misclassified No
Message-id <>
BaseHTTPRequestHandler in http.server does not limit the length of the request line so a malicious client can cause the server to run out of memory with a malicious request.

This patch limits the length to 64K (like Apache) and sends Error 414 if it exceeds this.
Date User Action Args
2010-12-16 04:48:11rosslagerwallsetrecipients: + rosslagerwall
2010-12-16 04:48:11rosslagerwallsetmessageid: <>
2010-12-16 04:48:10rosslagerwalllinkissue10714 messages
2010-12-16 04:48:10rosslagerwallcreate