http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25468

Unchecked response header length can cause HttpClient to loop endlessly

Summary: Unchecked response header length can cause HttpClient to loop endlessly
Product: Commons
Version: Nightly Builds
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: HttpClient
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]

A broken/malicious HTTP server, CGI script etc. can cause HttpClient to stay in an infinite loop when reading HTTP response headers (see Bug 24560 for a similar problem). This is not clearly specified in RFC2616, but I suggest that HttpClient's behaviour in these situations should be changed to something more reliable/terminative.

I see three possible ways to cause HttpClient to loop while parsing headers:

1. The header line does not terminate with CR/LF
2. The header line is folded into an infinite number of lines
3. The number of headers is infinite

I therefore suggest three configurable parameters to set reasonable limits for:

1. Header line length (max. 4096 bytes per line?)
2. Header value length (max. 4096 characters?)
3. Number of headers (max. 1000 headers?)
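The three limits proposed above, as an added Python example that is not HttpClient's own code: a bounded header reader that aborts on a line with no CR/LF within the line limit, on a folded value that grows past the value limit, or on more headers than allowed, exercised against a constructed stand-in for a server that never stops sending. The limit defaults follow the report's suggested values; the `HeaderLimitExceeded`, `EndlessResponse` and `rejects` names are assumptions made for this example.

```python
import io

class HeaderLimitExceeded(Exception):
    """Raised when a response's headers exceed a configured limit."""

def _read_line(stream, max_line):
    # readline(n) returns at most n bytes, so a line with no terminator within
    # max_line bytes is rejected instead of being read forever.
    chunk = stream.readline(max_line + 1)
    if chunk.endswith(b"\n"):
        return chunk.rstrip(b"\r\n")
    if len(chunk) > max_line:
        raise HeaderLimitExceeded("header line exceeds %d bytes" % max_line)
    raise HeaderLimitExceeded("stream ended before end of headers")

def parse_headers(stream, max_line=4096, max_value=4096, max_headers=1000):
    """Parse RFC 2616 headers into [(name, value)], enforcing the three limits."""
    headers = []
    while True:
        line = _read_line(stream, max_line)
        if line == b"":
            return headers  # blank line ends the header block
        if line[:1] in (b" ", b"\t") and headers:
            # folded continuation line (LWS): extend the previous header value
            name, value = headers[-1]
            headers[-1] = (name, value + b" " + line.strip())
        else:
            if len(headers) >= max_headers:
                raise HeaderLimitExceeded("more than %d headers" % max_headers)
            name, sep, value = line.partition(b":")
            if not sep:
                raise ValueError("malformed header line: %r" % line)
            headers.append((name.strip(), value.strip()))
        if len(headers[-1][1]) > max_value:
            raise HeaderLimitExceeded("header value exceeds %d bytes" % max_value)

class EndlessResponse:
    # Constructed stand-in for a server that sends `prefix`, then `repeat` forever.
    def __init__(self, prefix, repeat):
        self._buf, self._repeat = io.BytesIO(prefix), repeat
    def readline(self, size=-1):  # always called with a positive size above
        return self._buf.readline(size) or self._repeat[:size]

def rejects(stream, **limits):
    """True if parse_headers aborts on `stream` with HeaderLimitExceeded."""
    try:
        parse_headers(stream, **limits)
    except HeaderLimitExceeded:
        return True
    return False
```

Without the limits, the two `EndlessResponse` cases never return; with them, each aborts after a bounded amount of input.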