New submission from Марк Коренберг <socketp...@gmail.com>:
asynchat does not check if terminator is negative integer. so constructions like self.ac_in_buffer[:n] will lead to misbehaviour. When that integer goes from net, attack can be crafted. For example, on Content-Length field. ---------- components: Library (Lib) messages: 128914 nosy: mmarkk priority: normal severity: normal status: open title: asynchat type: security _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue11259> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
