Author: tack
Date: Mon Nov 27 17:24:00 2006
New Revision: 2096
Modified:
trunk/base/src/rpc.py
Log:
Don't read all data on socket unless authenticated; prevents possible DoS
Modified: trunk/base/src/rpc.py
==============================================================================
--- trunk/base/src/rpc.py (original)
+++ trunk/base/src/rpc.py Mon Nov 27 17:24:00 2006
@@ -283,7 +283,7 @@
self._read_buffer.append(data)
# read as much data as we have
- while True:
+ while self._authenticated:
try:
data = self._socket.recv(1024*1024)
except socket.error, (err, msg):
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Freevo-cvslog mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/freevo-cvslog
