File CVE-2023-47641.patch of Package python-aiohttp.36839
--- aiohttp/http_parser.py.orig
+++ aiohttp/http_parser.py
@@ -14,6 +14,7 @@ from . import hdrs
from .base_protocol import BaseProtocol
from .helpers import NO_EXTENSIONS, BaseTimerContext
from .http_exceptions import (
+ BadHttpMessage,
BadStatusLine,
ContentEncodingError,
ContentLengthError,
@@ -406,8 +407,11 @@ class HttpParser(abc.ABC):
# chunking
te = headers.get(hdrs.TRANSFER_ENCODING)
- if te and 'chunked' in te.lower():
- chunked = True
+ if te is not None:
+ if 'chunked' in te.lower():
+ chunked = True
+ if hdrs.CONTENT_LENGTH in headers:
+ raise BadHttpMessage('unexpected content-length header')
return (headers, raw_headers, close_conn, encoding, upgrade, chunked)
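Review bot: The substring test `'chunked' in te.lower()` is kept on the new side, so a Transfer-Encoding value such as `chunked123` (the value the new test uses) is still framed as chunked whenever no Content-Length header is present. Transfer-coding names are exact tokens, and a front-end that reads the same value differently produces the framing disagreement that request-smuggling defences aim to remove. Consider matching the final coding exactly, e.g. `codings = [c.strip().lower() for c in te.split(',')]` followed by `chunked = codings[-1] == 'chunked'`; whether to reject or ignore an unrecognised coding is a policy decision for this shared parser. Indentation is lost in this view, so it cannot be confirmed that the Content-Length check sits outside the `chunked` branch, and the enclosing method starts outside the hunk.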
--- tests/test_http_parser.py.orig
+++ tests/test_http_parser.py
@@ -268,6 +268,15 @@ def test_request_chunked(parser) -> None
assert isinstance(payload, streams.StreamReader)
+def test_request_te_chunked_with_content_length(parser) -> None:
+ text = (b'GET /test HTTP/1.1\r\n'
+ b'content-length: 1234\r\n'
+ b'transfer-encoding: chunked123\r\n\r\n'
+ )
+ with pytest.raises(http_exceptions.BadHttpMessage):
+ parser.feed_data(text)
+
+
def test_conn_upgrade(parser) -> None:
text = (b'GET /test HTTP/1.1\r\n'
b'connection: upgrade\r\n'
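Review bot: The new test pins only one shape of the conflict: Content-Length sent first, with the malformed value `chunked123`. A case with the exact value `chunked`, and one with `transfer-encoding` sent before `content-length`, would cover the inputs that matter most. The reversed order is worth adding because the check added in vendor/http-parser/http_parser.c reads a flag that is set only after Content-Length has been parsed. If the `parser` fixture is parametrised over both the Python and C implementations (not visible here), these cases would also show whether the two agree.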
--- vendor/http-parser/http_parser.c.orig
+++ vendor/http-parser/http_parser.c
@@ -1548,6 +1548,10 @@ reexecute:
h_state = h_general;
} else if (parser->index == sizeof(CHUNKED)-2) {
h_state = h_transfer_encoding_chunked;
+ if (parser->flags & F_CONTENTLENGTH) {
+ SET_ERRNO(HPE_INVALID_CONTENT_LENGTH);
+ goto error;
+ }
}
break;
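Review bot: This check is order-dependent: `F_CONTENTLENGTH` is tested at the moment the `chunked` token finishes matching, so it fires only when Content-Length appeared earlier in the header block. A message that sends Transfer-Encoding first passes this point, and unless the vendored parser rejects the combination elsewhere (not visible in this hunk) the two header orders are treated differently. A check made once all headers are read, such as `if ((parser->flags & F_CHUNKED) && (parser->flags & F_CONTENTLENGTH)) { SET_ERRNO(HPE_INVALID_CONTENT_LENGTH); goto error; }`, would cover both orders. The enclosing switch and function extend outside the hunk.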