
Author martin.panter
Recipients martin.panter, nikratio
Date 2015-02-26.10:22:05
Message-id <1424946126.98.0.486244279604.issue23528@psf.upfronthosting.co.za>
Content
This is a patch I originally posted at Issue 15955, but am moving it to a separate issue so there is less confusion. GzipFile.read(<size>) etc. is susceptible to decompression bombing. My patch tests and fixes that, making use of the existing “max_length” parameter in the “zlib” module.

The rest of Issue 15955 is about enhancing the bzip and LZMA modules to support limited decompression, but since the zlib module can already limit the decompressed data, I think this gzip patch should be considered as a bug fix rather than an enhancement, e.g. the fix for Issue 16043 (gzip decoding for XML RPC module) assumed GzipFile.read(<size>) is limited.
History
Date                 User           Action  Args
2015-02-26 10:22:07  martin.panter  set     recipients: + martin.panter, nikratio
2015-02-26 10:22:06  martin.panter  set     messageid: <1424946126.98.0.486244279604.issue23528@psf.upfronthosting.co.za>
2015-02-26 10:22:06  martin.panter  link    issue23528 messages
2015-02-26 10:22:06  martin.panter  create
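
The bounded decompression the message refers to, sketched with zlib's `max_length` parameter and `unconsumed_tail`. This is an added example, not the patch attached to the issue or the gzip module's own code; `iter_gunzip`, `gunzip_limited` and `OutputLimitExceeded` are hypothetical names, and only a single gzip member is handled.

```python
import gzip
import io
import zlib


class OutputLimitExceeded(ValueError):
    """The stream expanded beyond the caller's total limit."""


def iter_gunzip(fileobj, piece_size=65536, read_size=8192):
    """Yield decompressed pieces of at most piece_size bytes (one gzip member)."""
    d = zlib.decompressobj(16 + zlib.MAX_WBITS)  # 16 + wbits selects gzip framing
    buf, at_end = b"", False
    while not d.eof:
        if not buf:  # previous input fully consumed: fetch more
            buf = fileobj.read(read_size)
            at_end = not buf
        # max_length caps the output of this call; input zlib could not
        # process because of the cap is kept in unconsumed_tail.
        piece = d.decompress(buf, piece_size)
        buf = d.unconsumed_tail
        if piece:
            yield piece
        elif at_end and not d.eof:
            raise EOFError("gzip stream truncated")


def gunzip_limited(fileobj, limit, **kwargs):
    """Return the decompressed bytes, or raise once they exceed `limit`."""
    out = bytearray()
    for piece in iter_gunzip(fileobj, **kwargs):
        out += piece
        if len(out) > limit:
            raise OutputLimitExceeded(f"output exceeds {limit} bytes")
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: 10 MB of zero bytes, about 10 KB once compressed.
    bomb = gzip.compress(b"\0" * 10_000_000)
    sizes = [len(p) for p in iter_gunzip(io.BytesIO(bomb))]
    print(len(bomb), "compressed bytes; largest piece:", max(sizes))
    try:
        gunzip_limited(io.BytesIO(bomb), limit=1_000_000)
    except OutputLimitExceeded as exc:
        print("rejected:", exc)
```

Without `max_length`, a single `decompress()` call on one 8 KB read of such input would return several megabytes, regardless of how many bytes the caller asked for.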