File CVE-2023-46136-slow-multipart-parsing.patch of Package python-Werkzeug.36256
From b1916c0c083e0be1c9d887ee2f3d696922bfc5c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Srokosz?= <pawel.srokosz@cert.pl>
Date: Thu, 12 Oct 2023 18:50:04 +0200
Subject: [PATCH] Fix: slow multipart parsing for huge files with few CR/LF
characters
---
src/werkzeug/sansio/multipart.py | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
Index: Werkzeug-2.3.6/src/werkzeug/sansio/multipart.py
===================================================================
--- Werkzeug-2.3.6.orig/src/werkzeug/sansio/multipart.py
+++ Werkzeug-2.3.6/src/werkzeug/sansio/multipart.py
@@ -251,12 +251,20 @@ class MultipartDecoder:
else:
data_start = 0
- if self.buffer.find(b"--" + self.boundary) == -1:
+ boundary = b"--" + self.boundary
+
+ if self.buffer.find(boundary) == -1:
# No complete boundary in the buffer, but there may be
# a partial boundary at the end. As the boundary
# starts with either a nl or cr find the earliest and
# return up to that as data.
data_end = del_index = self.last_newline(data[data_start:])
+ # If amount of data after last newline is far from
+ # possible length of partial boundary, we should
+ # assume that there is no partial boundary in the buffer
+ # and return all pending data.
+ if (len(data) - data_end) > len(b"\n" + boundary):
+ data_end = del_index = len(data)
more_data = True
else:
match = self.boundary_re.search(data)
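Review bot: The added check `if (len(data) - data_end) > len(b"\n" + boundary):` measures against the whole buffer, while `data_end` comes from `self.last_newline(data[data_start:])` on the context line above, which looks like an index into the slice rather than into `data`. When `data_start` is non-zero (the branch before `else: data_start = 0`, which is outside this hunk) the two differ by `data_start`, so the threshold is applied to the wrong distance. If `last_newline` does return a slice-relative index, `data_end = del_index = self.last_newline(data[data_start:]) + data_start` would keep both values in the same coordinates. Because this patch fixes a parsing-cost denial of service, it should also carry regression tests: one feeding a large part with no CR/LF in small chunks, and one where a partial boundary straddles two chunks, to pin both the speed-up and that no body bytes are emitted or dropped incorrectly. The enclosing method starts and ends outside the hunk.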