Opened 2 years ago

Closed 2 years ago

#6149 defect closed duplicate (duplicate)

Possible DoS in HTTP chunked decoder

Reported by: MostAwesomeDude Owned by:
Priority: normal Milestone:
Component: web Keywords:
Cc: jknight Branch:
Author: Launchpad Bug:

Description

Reported by "ivan" on #twisted.web, along with a PoC.

Only scratched the surface, but I don't see why this isn't a valid problem; the attached PoC does definitely chew 20% of my CPU in return for pegging the target Twisted Web server at 100% on another core.

Attachments (1)

test.py (856 bytes) - added by MostAwesomeDude 2 years ago.
PoC for #6149, from ivan

Download all attachments as: .zip

Change History (3)

comment:1 Changed 2 years ago by DefaultCC Plugin

  • Cc jknight added

Changed 2 years ago by MostAwesomeDude

PoC for #6149, from ivan

comment:2 Changed 2 years ago by MostAwesomeDude

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #3795. Sorry 'bout that.

Note: See TracTickets for help on using tickets.