Potential libsoup client DoS when parsing tampered headers
@bob131
Submitted by bob Assigned to libsoup-maint@gnome.bugs
Link to original bug (#762301)
Description
An uncaught error in gmem.c is unavoidable when requesting http://irc-bot-science.clsr.net/bigheader, with similar error states resulting from requesting other demos of header attacks from that site. It'd be great if there could be a SessionFeature that implemented a sort of resource limiting, or if there was something like Message.got_chunk for header fetching so users can just cancel the request in the event of tampering.