From 93a12a61bdddd89b954acd8c12248a4c464b270f Mon Sep 17 00:00:00 2001
From: dengkailang
Date: Wed, 16 Mar 2016 23:15:19 +0800
Subject: [PATCH] It's needed to check if the client has closed the connection during reading HTTP post body. Or the RPC Server will become vunlnerable by the action like below. telnet POST / HTTP/1.1 content-length: xx and close the socket immediately. Then the RPC server will be stucked in the recvfrom SYSCALL infinit loop.
---
 jsonrpclib/SimpleJSONRPCServer.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/jsonrpclib/SimpleJSONRPCServer.py b/jsonrpclib/SimpleJSONRPCServer.py
index 3a0a3bb..82fdefc 100644
--- a/jsonrpclib/SimpleJSONRPCServer.py
+++ b/jsonrpclib/SimpleJSONRPCServer.py
@@ -164,7 +164,15 @@ def do_POST(self):
 L = []
 while size_remaining:
 chunk_size = min(size_remaining, max_chunk_size)
- L.append(self.rfile.read(chunk_size))
+ content_read = self.rfile.read(chunk_size)
+ if (content_read):
+ L.append(content_read)
+ else:
+ logging.warn("0 bytes was read from the socket "
+ "indicating the peer has performed a "
+ "shutdown. Close the socket and return.")
+ self.connection.shutdown(1)
+ return
 size_remaining -= len(L[-1])
 data = ''.join(L)
 response = self.server._marshaled_dispatch(data)
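Review bot: The new `else:` branch only ends the loop when `self.rfile.read(chunk_size)` returns an empty string, so a client that announces a `content-length` and then keeps the socket open without sending the body still blocks the handler in that read. Nothing in the hunk sets a read timeout, so consider a class-level `timeout = <seconds>` on the request handler (the stream handler applies it to the socket during setup) and make sure the resulting `socket.timeout` is caught and the connection closed. Two smaller points on the added lines: `logging.warn(...)` is the deprecated alias of `logging.warning(...)`, and the hunk does not show whether `logging` is imported in this module. The bare `1` in `self.connection.shutdown(1)` reads better as `socket.SHUT_WR` if `socket` is in scope. The body of `do_POST` starts and ends outside the hunk, so the size check on `content-length` and any surrounding `try` are not visible here.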