add patch from Python issue#14001 to fix xmlrpc server endless loop

by malformed request bump PKGREV
author: drochner <drochner> 2012-02-15 12:21:40 +0000
committer: drochner <drochner> 2012-02-15 12:21:40 +0000
commit: d5a142acdb6c87f8f7f99dffd438823c7fe0c5ae (patch)
tree: e6808f7009a529056f14fd0b88328d4d88300183 /lang/python26/patches
parent: 16d33e1bbcb6f221486ce51a847aad7a0909aa00 (diff)
download: pkgsrc-d5a142acdb6c87f8f7f99dffd438823c7fe0c5ae.tar.gz
1 files changed, 18 insertions, 0 deletions
diff --git a/lang/python26/patches/patch-CVE-2012-0845 b/lang/python26/patches/patch-CVE-2012-0845
new file mode 100644
index 00000000000..dd6f32cd8f6
--- /dev/null
+++ b/lang/python26/patches/patch-CVE-2012-0845
@@ -0,0 +1,18 @@
+$NetBSD: patch-CVE-2012-0845,v 1.1 2012/02/15 12:21:40 drochner Exp $
+
+see python bug #14001
+
+--- Lib/SimpleXMLRPCServer.py.orig	2009-04-05 21:34:15.000000000 +0000
++++ Lib/SimpleXMLRPCServer.py
+@@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTT
+             L = []
+             while size_remaining:
+                 chunk_size = min(size_remaining, max_chunk_size)
+-                L.append(self.rfile.read(chunk_size))
++                chunk = self.rfile.read(chunk_size)
++                if not chunk:
++                    break
++                L.append(chunk)
+                 size_remaining -= len(L[-1])
+             data = ''.join(L)
+
author	drochner <drochner>	2012-02-15 12:21:40 +0000
committer	drochner <drochner>	2012-02-15 12:21:40 +0000
commit	d5a142acdb6c87f8f7f99dffd438823c7fe0c5ae (patch)
tree	e6808f7009a529056f14fd0b88328d4d88300183 /lang/python26/patches
parent	16d33e1bbcb6f221486ce51a847aad7a0909aa00 (diff)
download	pkgsrc-d5a142acdb6c87f8f7f99dffd438823c7fe0c5ae.tar.gz