Skip to content

Out-of-memory when reading a HTTP response with large Content-Lenght #119451

New issue
New issue
Open
Open
Out-of-memory when reading a HTTP response with large Content-Lenght#119451
Labels
3.10only security fixes3.11only security fixes3.12only security fixes3.13bugs and security fixes3.14bugs and security fixes3.8 (EOL)end of life3.9only security fixesstdlibPython modules in the Lib dirtopic-IOtype-securityA security issue
@serhiy-storchaka

Description

@serhiy-storchaka
serhiy-storchaka
opened on May 23, 2024

http.client.HTTPResponse.read() (without argument) consumes the amount of memory specified by the value of the Content-Lenght header in the response before starting receiving the data from the socket. Normally, if the server does not send enough data, the client gets IncompleteRead error, but if Content-Lenght is too large, it can consume a large amount of memory and CPU time and cause swapping. Therefore, a maleficent server can cause a DOS attack on client by sending a small response.

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.10only security fixes3.11only security fixes3.12only security fixes3.13bugs and security fixes3.14bugs and security fixes3.8 (EOL)end of life3.9only security fixesstdlibPython modules in the Lib dirtopic-IOtype-securityA security issue

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions