Opened 6 years ago

Closed 6 years ago

#6149 defect closed duplicate (duplicate)

Possible DoS in HTTP chunked decoder

Reported by: Corbin Simpson Owned by:
Priority: normal Milestone:
Component: web Keywords:
Cc: jknight Branch:


Reported by "ivan" on #twisted.web, along with a PoC.

Only scratched the surface, but I don't see why this isn't a valid problem; the attached PoC does definitely chew 20% of my CPU in return for pegging the target Twisted Web server at 100% on another core.

Attachments (1) (856 bytes) - added by Corbin Simpson 6 years ago.
PoC for #6149, from ivan

Download all attachments as: .zip

Change History (3)

comment:1 Changed 6 years ago by DefaultCC Plugin

Cc: jknight added

Changed 6 years ago by Corbin Simpson

Attachment: added

PoC for #6149, from ivan

comment:2 Changed 6 years ago by Corbin Simpson

Resolution: duplicate
Status: newclosed

Duplicate of #3795. Sorry 'bout that.

Note: See TracTickets for help on using tickets.