summaryrefslogtreecommitdiff
path: root/Lib/test/test_xmlrpc.py
diff options
context:
space:
mode:
authorCharles-François Natali <neologix@free.fr>2012-02-18 14:53:41 +0100
committerCharles-François Natali <neologix@free.fr>2012-02-18 14:53:41 +0100
commitcd96b4f1ff4dd3a97eedbcea8a837388c0cb8345 (patch)
tree270c805de948cee78b13fed5776abb9e0c0c4ad0 /Lib/test/test_xmlrpc.py
parentead1de2f0320fa80f717891fd3ae465172fcd96a (diff)
parentec1712a1662282c909b4cd4cc0c7486646bc9246 (diff)
downloadcpython-git-cd96b4f1ff4dd3a97eedbcea8a837388c0cb8345.tar.gz
Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
upon malformed POST request.
Diffstat (limited to 'Lib/test/test_xmlrpc.py')
-rw-r--r--Lib/test/test_xmlrpc.py14
1 files changed, 8 insertions, 6 deletions
diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py
index e97420b8a8..38141912a1 100644
--- a/Lib/test/test_xmlrpc.py
+++ b/Lib/test/test_xmlrpc.py
@@ -474,12 +474,7 @@ class BaseServerTestCase(unittest.TestCase):
def tearDown(self):
# wait on the server thread to terminate
- self.evt.wait(4.0)
- # XXX this code does not work, and in fact stop_serving doesn't exist.
- if not self.evt.is_set():
- self.evt.set()
- stop_serving()
- raise RuntimeError("timeout reached, test has failed")
+ self.evt.wait()
# disable traceback reporting
xmlrpc.server.SimpleXMLRPCServer._send_traceback_header = False
@@ -626,6 +621,13 @@ class SimpleServerTestCase(BaseServerTestCase):
server = xmlrpclib.ServerProxy("http://%s:%d/RPC2" % (ADDR, PORT))
self.assertEqual(server.add("a", "\xe9"), "a\xe9")
+ def test_partial_post(self):
+ # Check that a partial POST doesn't make the server loop: issue #14001.
+ conn = http.client.HTTPConnection(ADDR, PORT)
+ conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
+ conn.close()
+
+
class MultiPathServerTestCase(BaseServerTestCase):
threadFunc = staticmethod(http_multi_server)
request_count = 2
View Lorry Controller Status