Commit d2f4fc9b authored by Vincent Pelletier's avatar Vincent Pelletier

wsgi: Raise TooLarge even when Content-Length is not provided.

Prevent the (very unlikely at a 10MB given the manipulated data structures)
risk of a partial read accidentally containing producing a well-formed
result.
Also, only accept base-10 content lengths.
parent 0b871b56
......@@ -2241,6 +2241,12 @@ class CaucaseTest(unittest.TestCase):
'CONTENT_LENGTH': str(wsgi.MAX_BODY_LENGTH + 1),
'wsgi.input': BytesIO(),
})[0], 413)
self.assertEqual(request({
'PATH_INFO': '/cau/crt/renew',
'REQUEST_METHOD': 'PUT',
'CONTENT_TYPE': 'application/json',
'wsgi.input': BytesIO(b'"' + b'a' * (wsgi.MAX_BODY_LENGTH + 1)),
})[0], 413)
self.assertEqual(request({
'PATH_INFO': '/cau/crt/renew',
'REQUEST_METHOD': 'PUT',
......
......@@ -652,8 +652,14 @@ class Application(object):
Raises TooLarge if Content-Length if over MAX_BODY_LENGTH.
If Content-Length is not set, reads at most MAX_BODY_LENGTH bytes.
"""
content_length = environ.get('CONTENT_LENGTH')
if not content_length:
result = environ['wsgi.input'].read(MAX_BODY_LENGTH)
if environ['wsgi.input'].read(1):
raise TooLarge(b'Content-Length limit exceeded')
return result
try:
length = int(environ.get('CONTENT_LENGTH') or MAX_BODY_LENGTH)
length = int(content_length, 10)
except ValueError:
raise BadRequest(b'Invalid Content-Length')
if length > MAX_BODY_LENGTH:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment