commit 2fd8fe919bfc0269f4dcf50f2e13fb12b47d5ef4 parent d5ed0c5d7a044d57313b7c646146d5328c98351e Author: Solderpunk <solderpunk@sdf.org> Date: Sun, 31 May 2020 18:33:32 +0200 Do not read more than the maximum number of bytes in a valid response header. Diffstat:
| M | av98.py | | | 6 | +++--- |
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/av98.py b/av98.py @@ -365,9 +365,9 @@ you'll be able to transparently follow links to Gopherspace!""") else: address, f = self._send_request(gi) - # Spec dictates <META> should not exceed 1024 bytes - # but does not dictate a total maximum header length. - header = f.readline(2048) + # Spec dictates <META> should not exceed 1024 bytes, + # so maximum valid header length is 1027 bytes. + header = f.readline(1027) header = header.decode("UTF-8") if not header or header[-1] != '\n': raise RuntimeError("Received invalid header from server!")