[Zope-Checkins] CVS: Zope/lib/python/ZTUtils - Tree.py:1.6.6.10
Tres Seaver
tseaver at zope.com
Thu Jan 8 16:02:36 EST 2004
Update of /cvs-repository/Zope/lib/python/ZTUtils
In directory cvs.zope.org:/tmp/cvs-serv6197/lib/python/ZTUtils
Modified Files:
Tag: Zope-2_6-branch
Tree.py
Log Message:
- The ZTUtils SimpleTree decompressed tree state data from the
request without checking for final size, which could allow for
certain types of DoS attacks.
=== Zope/lib/python/ZTUtils/Tree.py 1.6.6.9 => 1.6.6.10 ===
--- Zope/lib/python/ZTUtils/Tree.py:1.6.6.9 Tue Jul 15 13:05:47 2003
+++ Zope/lib/python/ZTUtils/Tree.py Thu Jan 8 16:02:35 2004
@@ -277,16 +277,19 @@
result = zresult
return result
-def decodeExpansion(s, nth=None):
+def decodeExpansion(s, nth=None, maxsize=8192):
'''Decode an expanded node map from a string.
If nth is an integer, also return the (map, key) pair for the nth entry.
'''
- if len(s) > 8192: # Set limit to 8K, to avoid DoS attacks.
+ if len(s) > maxsize: # Set limit to avoid DoS attacks.
raise ValueError('Encoded node map too large')
if s[0] == ':': # Compressed state
- s = zlib.decompress(a2b(s[1:]))
+ dec = zlib.decompressobj()
+ s = dec.decompress(a2b(s[1:]), maxsize)
+ if dec.decompress('', 1):
+ raise ValueError('Encoded node map too large')
map = m = {}
mstack = []
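Review bot: The overflow check `if dec.decompress('', 1):` in the `s[0] == ':'` branch is not a reliable detector of oversized output: when `dec.decompress(a2b(s[1:]), maxsize)` stops at `maxsize` bytes, the unprocessed compressed input is left in `dec.unconsumed_tail`, and a follow-up call with no new input only yields a byte if zlib can produce one from state it has already consumed, so a payload that inflates past `maxsize` can slip through with `s` silently truncated to `maxsize` bytes. Suggest testing the attribute the API provides for exactly this case, `if dec.unconsumed_tail: raise ValueError('Encoded node map too large')`, which fires whenever the limit cut decompression short. Minor: the new `maxsize=8192` parameter replaces the hard-coded 8K limit but is not mentioned in the docstring; a line noting that it bounds both the encoded length and the decompressed size would help callers that override it.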