Merge branch 'master' of https://github.com/Pylons/waitress into del_warnings

author: Yourun-Proger <shkrobov.yura@mail.ru> 2022-03-17 18:53:12 +0300
committer: Yourun-Proger <shkrobov.yura@mail.ru> 2022-03-17 18:53:12 +0300
commit: 789c9a3874af408ba89b6373fe2ef80978c0f4c8 (patch)
tree: 419a558bd4b2e39f82e71c6f885c4d3d2702d72d /src/waitress/receiver.py
parent: 6c7e30083a6bb5b319cbf6f1ac5ff9d76abdc905 (diff)
parent: 9e0b8c801e4d505c2ffc91b891af4ba48af715e0 (diff)
download: waitress-789c9a3874af408ba89b6373fe2ef80978c0f4c8.tar.gz
1 files changed, 21 insertions, 7 deletions
diff --git a/src/waitress/receiver.py b/src/waitress/receiver.py
index 8785280..7663355 100644
--- a/src/waitress/receiver.py
+++ b/src/waitress/receiver.py
@@ -14,6 +14,7 @@
 """Data Chunk Receiver
 """
 
+from waitress.rfc7230 import CHUNK_EXT_RE, ONLY_HEXDIG_RE
 from waitress.utilities import BadRequest, find_double_newline
 
 
@@ -110,6 +111,7 @@ class ChunkedReceiver:
                     s = b""
                 else:
                     self.chunk_end = b""
+
                     if pos == 0:
                         # Chop off the terminating CR LF from the chunk
                         s = s[2:]
@@ -133,20 +135,32 @@ class ChunkedReceiver:
                     line = s[:pos]
                     s = s[pos + 2 :]
                     self.control_line = b""
-                    line = line.strip()
 
                     if line:
                         # Begin a new chunk.
                         semi = line.find(b";")
 
                         if semi >= 0:
-                            # discard extension info.
+                            extinfo = line[semi:]
+                            valid_ext_info = CHUNK_EXT_RE.match(extinfo)
+
+                            if not valid_ext_info:
+                                self.error = BadRequest("Invalid chunk extension")
+                                self.all_chunks_received = True
+
+                                break
+
                             line = line[:semi]
-                        try:
-                            sz = int(line.strip(), 16)  # hexadecimal
-                        except ValueError:  # garbage in input
-                            self.error = BadRequest("garbage in chunked encoding input")
-                            sz = 0
+
+                        if not ONLY_HEXDIG_RE.match(line):
+                            self.error = BadRequest("Invalid chunk size")
+                            self.all_chunks_received = True
+
+                            break
+
+                        # Can not fail due to matching against the regular
+                        # expression above
+                        sz = int(line, 16)  # hexadecimal
 
                         if sz > 0:
                             # Start a new chunk.
author	Yourun-Proger <shkrobov.yura@mail.ru>	2022-03-17 18:53:12 +0300
committer	Yourun-Proger <shkrobov.yura@mail.ru>	2022-03-17 18:53:12 +0300
commit	789c9a3874af408ba89b6373fe2ef80978c0f4c8 (patch)
tree	419a558bd4b2e39f82e71c6f885c4d3d2702d72d /src/waitress/receiver.py
parent	6c7e30083a6bb5b319cbf6f1ac5ff9d76abdc905 (diff)
parent	9e0b8c801e4d505c2ffc91b891af4ba48af715e0 (diff)
download	waitress-789c9a3874af408ba89b6373fe2ef80978c0f4c8.tar.gz