+34
-0
lines changedFilter options
+34
-0
lines changed Original file line number Diff line number Diff line change
@@ -248,6 +248,8 @@ def parse(self):
248 248
remaining = len(stripped_chunk) % 4
249 249
while remaining != 0:
250 250
over_chunk = field_stream.read(4 - remaining)
251 +
if not over_chunk:
252 +
break
251 253
stripped_chunk += b"".join(over_chunk.split())
252 254
remaining = len(stripped_chunk) % 4
253 255
@@ -15,3 +15,9 @@ posing an XSS attack vector.
15 15
In order to avoid this vulnerability, ``{% debug %}`` no longer outputs an
16 16
information when the ``DEBUG`` setting is ``False``, and it ensures all context
17 17
variables are correctly escaped when the ``DEBUG`` setting is ``True``.
18 + 19 +
CVE-2022-23833: Denial-of-service possibility in file uploads
20 +
=============================================================
21 + 22 +
Passing certain inputs to multipart forms could result in an infinite loop when
23 +
parsing files.
Original file line number Diff line number Diff line change
@@ -15,3 +15,9 @@ posing an XSS attack vector.
15 15
In order to avoid this vulnerability, ``{% debug %}`` no longer outputs an
16 16
information when the ``DEBUG`` setting is ``False``, and it ensures all context
17 17
variables are correctly escaped when the ``DEBUG`` setting is ``True``.
18 + 19 +
CVE-2022-23833: Denial-of-service possibility in file uploads
20 +
=============================================================
21 + 22 +
Passing certain inputs to multipart forms could result in an infinite loop when
23 +
parsing files.
Original file line number Diff line number Diff line change
@@ -143,6 +143,26 @@ def test_big_base64_upload(self):
143 143
def test_big_base64_newlines_upload(self):
144 144
self._test_base64_upload("Big data" * 68000, encode=base64.encodebytes)
145 145 146 +
def test_base64_invalid_upload(self):
147 +
payload = client.FakePayload('\r\n'.join([
148 +
'--' + client.BOUNDARY,
149 +
'Content-Disposition: form-data; name="file"; filename="test.txt"',
150 +
'Content-Type: application/octet-stream',
151 +
'Content-Transfer-Encoding: base64',
152 +
''
153 +
]))
154 +
payload.write(b'\r\n!\r\n')
155 +
payload.write('--' + client.BOUNDARY + '--\r\n')
156 +
r = {
157 +
'CONTENT_LENGTH': len(payload),
158 +
'CONTENT_TYPE': client.MULTIPART_CONTENT,
159 +
'PATH_INFO': '/echo_content/',
160 +
'REQUEST_METHOD': 'POST',
161 +
'wsgi.input': payload,
162 +
}
163 +
response = self.client.request(**r)
164 +
self.assertEqual(response.json()['file'], '')
165 + 146 166
def test_unicode_file_name(self):
147 167
with sys_tempfile.TemporaryDirectory() as temp_dir:
148 168
# This file contains Chinese symbols and an accented char in the name.
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4