This issue tracker has been migrated to GitHub ,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
| Author | martin.panter |
|---|---|
| Recipients | Arfrever, christian.heimes, eric.araujo, martin.panter, nadeem.vawda, nikratio, pitrou, serhiy.storchaka, vstinner |
| Date | 2015年01月08日.14:38:35 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1420727917.23.0.932195199195.issue15955@psf.upfronthosting.co.za> |
| In-reply-to |
| Content | |
|---|---|
It turns out that GzipFile.read(<size>) etc is also susceptible to decompression bombing. Here is a patch to test and fix that, making use of the existing "max_length" parameter in the "zlib" module. |
|
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2015年01月08日 14:38:37 | martin.panter | set | recipients: + martin.panter, pitrou, vstinner, christian.heimes, nadeem.vawda, eric.araujo, Arfrever, nikratio, serhiy.storchaka |
| 2015年01月08日 14:38:37 | martin.panter | set | messageid: <1420727917.23.0.932195199195.issue15955@psf.upfronthosting.co.za> |
| 2015年01月08日 14:38:37 | martin.panter | link | issue15955 messages |
| 2015年01月08日 14:38:37 | martin.panter | create | |