From 60782ad107e538b9312aac7e1c119c8358bf797c Mon Sep 17 00:00:00 2001
From: Julien Castiaux <julien.castiaux@gmail.com>
Date: Sat, 11 Jan 2025 01:10:14 +0100
Subject: [PATCH] Reject Content-Length longer 1 billion TB

---
 h11/_headers.py           | 4 ++++
 h11/tests/test_headers.py | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/h11/_headers.py b/h11/_headers.py
index b97d020..31da3e2 100644
--- a/h11/_headers.py
+++ b/h11/_headers.py
@@ -12,6 +12,8 @@
 except ImportError:
     from typing_extensions import Literal  # type: ignore
 
+CONTENT_LENGTH_MAX_DIGITS = 20  # allow up to 1 billion TB - 1
+
 
 # Facts
 # -----
@@ -173,6 +175,8 @@ def normalize_and_validate(
                 raise LocalProtocolError("conflicting Content-Length headers")
             value = lengths.pop()
             validate(_content_length_re, value, "bad Content-Length")
+            if len(value) > CONTENT_LENGTH_MAX_DIGITS:
+                raise LocalProtocolError("bad Content-Length")
             if seen_content_length is None:
                 seen_content_length = value
                 new_headers.append((raw_name, name, value))
diff --git a/h11/tests/test_headers.py b/h11/tests/test_headers.py
index ba53d08..b57274c 100644
--- a/h11/tests/test_headers.py
+++ b/h11/tests/test_headers.py
@@ -74,6 +74,8 @@ def test_normalize_and_validate() -> None:
         )
     with pytest.raises(LocalProtocolError):
         normalize_and_validate([("Content-Length", "1 , 1,2")])
+    with pytest.raises(LocalProtocolError):
+        normalize_and_validate([("Content-Length", "1" * 21)])  # 1 billion TB
 
     # transfer-encoding
     assert normalize_and_validate([("Transfer-Encoding", "chunked")]) == [