New submission from Sebastian Rittau:

Consider the attached test case. This test will run fine with Python 2.7, but 
will fail with Python 3.3. If cgi.FieldStorage() tries to parse a multipart 
request without a Content-Length header in the main section, segments will have 
a length of 0.

During the parse process, two instances of FieldStorage are involved. The outer 
one reads the whole request and creates and delegates reading of the fragment 
to inner instances.

The main problem is that FieldStorage.read_lines_to_outerboundary() of the 
inner FieldStorage will read nothing, since self.limit is lower than zero.

    def read_lines_to_outerboundary(self):
        ...
        while 1:
            if _read >= self.limit:
                break
        ...

This happens because limit is passed when creating the inner instance in 
FieldStorage.read_multi():

    def read_multi(self, environ, keep_blank_values, strict_parsing):
        ...
            part = klass(self.fp, headers, ib, environ, keep_blank_values,
                         strict_parsing,self.limit-self.bytes_read,
                         self.encoding, self.errors)
        ...

Now, if the total request did not have a Content-Length header, self.limit will 
be -1.

The naive fix works for the test case, at least, but I don't know if there are 
other repercussions:

--- /usr/lib/python3.3/cgi.py   2014-02-03 22:31:16.649431125 +0100
+++ cgi.py      2014-02-03 22:32:14.849704379 +0100
@@ -788,7 +788,7 @@
         last_line_lfend = True
         _read = 0
         while 1:
-            if _read >= self.limit:
+            if self.limit >= 0 and _read >= self.limit:
                 break
             line = self.fp.readline(1<<16) # bytes
             self.bytes_read += len(line)
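
Review bot: the `self.limit >= 0` guard added to the `while 1:` check handles the negative limit at this one comparison only, while the value itself is produced earlier by `self.limit-self.bytes_read` in read_multi(), as quoted in the report. Consider also normalising it there (pass the limit through unchanged when it is below zero) so the inner instance never holds a limit of -1 minus the bytes already read, and add a comment stating that a negative limit means no Content-Length was given. With no limit in effect, the loop is bounded only by whatever follows `self.fp.readline(1<<16)`, so the attached cgi-bug.py case should become a regression test, ideally with a second case for a body that has no closing boundary.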

----------
components: Library (Lib)
files: cgi-bug.py
messages: 210166
nosy: srittau
priority: normal
severity: normal
status: open
title: cgi.FieldStorage, multipart, missing Content-Length
versions: Python 3.3
Added file: http://bugs.python.org/file33891/cgi-bug.py

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue20504>
_______________________________________
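
The failure described in the report, as an added example that is not part of the original message and is not code from cgi.py: a simplified model of the outer/inner hand-off, showing the inner limit going negative when Content-Length is absent and the effect of the proposed guard. The names `read_part` and `parse_first_part` and the sample body are assumptions constructed for illustration.

```python
import io

# Constructed sample: one multipart field, boundary "XX".
BOUNDARY = b"XX"
BODY = (b"--XX\r\n"
        b'Content-Disposition: form-data; name="f"\r\n'
        b"\r\n"
        b"hello\r\n"
        b"--XX--\r\n")

def read_part(fp, limit, patched):
    """Model of the inner reader: collect lines up to the next boundary."""
    delimiters = (b"--" + BOUNDARY, b"--" + BOUNDARY + b"--")
    lines, read = [], 0
    while True:
        if patched:
            stop = limit >= 0 and read >= limit   # guard from the report's diff
        else:
            stop = read >= limit                  # original comparison
        if stop:
            break
        line = fp.readline(1 << 16)
        if not line:                              # EOF
            break
        read += len(line)
        if line.rstrip(b"\r\n") in delimiters:
            break
        lines.append(line)
    data = b"".join(lines)
    # The CRLF before the boundary belongs to the delimiter, not the value.
    return data[:-2] if data.endswith(b"\r\n") else data

def parse_first_part(body, content_length, patched):
    """Model of the outer reader: consume boundary and headers, then delegate."""
    fp = io.BytesIO(body)
    limit = -1 if content_length is None else content_length
    bytes_read = len(fp.readline())               # opening boundary line
    while True:
        header = fp.readline()
        bytes_read += len(header)
        if header in (b"\r\n", b""):              # blank line ends the headers
            break
    # Same arithmetic as in read_multi(): negative when limit is -1.
    return read_part(fp, limit - bytes_read, patched)

if __name__ == "__main__":
    for length in (len(BODY), None):
        for patched in (False, True):
            print(length, patched, parse_first_part(BODY, length, patched))
```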