Source: https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9

[4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.e… · django/django@9c51b4d · GitHub

5 files changed, +43 -5 lines changed


@@ -219,16 +219,18 @@ def repercent_broken_unicode(path):

219 219

repercent-encode any octet produced that is not part of a strictly legal

220 220

UTF-8 octet sequence.

221 221

"""

222 +

changed_parts = []

222 223

while True:

223 224

try:

224 225

path.decode()

225 226

except UnicodeDecodeError as e:

226 227

# CVE-2019-14235: A recursion shouldn't be used since the exception

227 228

# handling uses massive amounts of memory

228 229

repercent = quote(path[e.start : e.end], safe=b"/#%[]=:;$&()+,!?*@'~")

229 -

path = path[: e.start] + repercent.encode() + path[e.end :]

230 +

changed_parts.append(path[: e.start] + repercent.encode())

231 +

path = path[e.end :]

230 232

else:

231 -

return path

233 +

return b"".join(changed_parts) + path

232 234 233 235 234 236

def filepath_to_uri(path):
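Review bot: the rewritten loop carries no comment saying why `path = path[: e.start] + repercent.encode() + path[e.end :]` was replaced by `changed_parts.append(...)` plus `path = path[e.end :]`; the only comment left in the hunk explains the CVE-2019-14235 recursion change, so a reader will not see that this is a second, separate DoS fix. Add a one-line note beside the new code, e.g. `# CVE-2023-41164: only re-decode the remainder after each invalid octet so that many invalid octets cost linear, not quadratic, time.` The old form rebuilt and re-decoded the whole path on every UnicodeDecodeError, so each invalid octet paid for everything before it; the new form decodes only the tail after `e.end` and joins once at the end. Minor naming point: `changed_parts` holds the untouched prefix bytes together with the repercented octet, so `parts` describes it better. The final `return b"".join(changed_parts) + path` correctly appends the last, fully valid remainder.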


@@ -6,4 +6,9 @@ Django 3.2.21 release notes

6 6 7 7

Django 3.2.21 fixes a security issue with severity "moderate" in 3.2.20.

8 8 9 -

...

9 +

CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``

10 +

===================================================================================================

11 + 12 +

``django.utils.encoding.uri_to_iri()`` was subject to potential denial of

13 +

service attack via certain inputs with a very large number of Unicode

14 +

characters.
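Review bot: "certain inputs with a very large number of Unicode characters" does not describe what the fix keys on. The loop in repercent_broken_unicode() only does work when `path.decode()` raises UnicodeDecodeError, i.e. on octets that are not valid UTF-8 (the new test drives it with `b"\xfc"`), and the quadratic cost grew with the number of such invalid octets, not with the number of valid Unicode characters. Consider "certain inputs containing a very large number of octets that are not valid UTF-8" so operators can tell which requests were affected.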


@@ -6,4 +6,9 @@ Django 4.1.11 release notes

6 6 7 7

Django 4.1.11 fixes a security issue with severity "moderate" in 4.1.10.

8 8 9 -

...

9 +

CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``

10 +

===================================================================================================

11 + 12 +

``django.utils.encoding.uri_to_iri()`` was subject to potential denial of

13 +

service attack via certain inputs with a very large number of Unicode

14 +

characters.


@@ -7,6 +7,13 @@ Django 4.2.5 release notes

7 7

Django 4.2.5 fixes a security issue with severity "moderate" and several bugs

8 8

in 4.2.4.

9 9 10 +

CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``

11 +

===================================================================================================

12 + 13 +

``django.utils.encoding.uri_to_iri()`` was subject to potential denial of

14 +

service attack via certain inputs with a very large number of Unicode

15 +

characters.

16 + 10 17

Bugfixes

11 18

========

12 19 Original file line number Diff line number Diff line change
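Review bot: this note could point out that the affected loop is the one already hardened for CVE-2019-14235; the code hunk keeps that comment directly above the new change, so the two advisories concern the same function and the same input class. A single sentence such as "This is a follow-up to the CVE-2019-14235 fix in the same function" would help anyone assessing exposure correlate the two, and the same addition applies to the 3.2.21 and 4.1.11 notes, which carry identical wording.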

@@ -1,9 +1,10 @@

1 1

import datetime

2 +

import inspect

2 3

import sys

3 4

import unittest

4 5

from pathlib import Path

5 6

from unittest import mock

6 -

from urllib.parse import quote_plus

7 +

from urllib.parse import quote, quote_plus

7 8 8 9

from django.test import SimpleTestCase

9 10

from django.utils.encoding import (

@@ -120,6 +121,24 @@ def test_repercent_broken_unicode_recursion_error(self):

120 121

except RecursionError:

121 122

self.fail("Unexpected RecursionError raised.")

122 123 124 +

def test_repercent_broken_unicode_small_fragments(self):

125 +

data = b"test\xfctest\xfctest\xfc"

126 +

decoded_paths = []

127 + 128 +

def mock_quote(*args, **kwargs):

129 +

# The second frame is the call to repercent_broken_unicode().

130 +

decoded_paths.append(inspect.currentframe().f_back.f_locals["path"])

131 +

return quote(*args, **kwargs)

132 + 133 +

with mock.patch("django.utils.encoding.quote", mock_quote):

134 +

self.assertEqual(repercent_broken_unicode(data), b"test%FCtest%FCtest%FC")

135 + 136 +

# decode() is called on smaller fragment of the path each time.

137 +

self.assertEqual(

138 +

decoded_paths,

139 +

[b"test\xfctest\xfctest\xfc", b"test\xfctest\xfc", b"test\xfc"],

140 +

)

141 + 123 142 124 143

class TestRFC3987IEncodingUtils(unittest.TestCase):

125 144

def test_filepath_to_uri(self):
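Review bot: test_repercent_broken_unicode_small_fragments pins the fix through frame introspection (`inspect.currentframe().f_back.f_locals["path"]` inside the patched `quote`), so it depends on `quote` being called directly from repercent_broken_unicode() and on the local being named `path`; extracting a helper or renaming the variable would break the test with no change in behaviour. Consider adding a regression check that is not tied to internals, e.g. `self.assertEqual(repercent_broken_unicode(b"\xfc" * 10**6), b"%FC" * 10**6)`, whose runtime grew quadratically with the input before this change and is linear after it, without asserting on wall-clock time (timing assertions are flaky in CI). If the introspection test is kept, the comment "# The second frame is the call to repercent_broken_unicode()." is accurate for `f_back`; also note that the captured list records `path` at the moment `quote` is called, which equals what `decode()` just failed on, so the assertion on shrinking fragments is valid.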


