Enforce a maximum packet length

Permanently fixes CVE-2015-5159 for all applications.
latchset · Aug 3, 2015 · f274aa6 · f274aa6
1 parent e4a7119
commit f274aa6
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/kdcproxy/__init__.py b/kdcproxy/__init__.py
@@ -61,6 +61,7 @@ def __str__(self):
 
 
 class Application:
+    MAX_LENGTH = 128 * 1024
     SOCKTYPES = {
         "tcp": socket.SOCK_STREAM,
         "udp": socket.SOCK_DGRAM,
@@ -180,7 +181,11 @@ def __call__(self, env, start_response):
             try:
                 length = int(env["CONTENT_LENGTH"])
             except AttributeError:
-                length = -1
+                raise HTTPException(411, "Length required.")
+            if length < 0:
+                raise HTTPException(411, "Length required.")
+            if length > self.MAX_LENGTH:
+                raise HTTPException(413, "Request entity too large.")
             try:
                 pr = codec.decode(env["wsgi.input"].read(length))
             except codec.ParsingError as e: