From 43a53454c37edcfa7871ab598685a51c12f6715b Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 3 Apr 2026 09:46:19 +0000 Subject: [PATCH 1/2] Fix max_loops counter in __recv_msg_cautious shared between header and body reads The max_loops counter was shared between the header read phase (4 bytes) and the body read phase, meaning iterations consumed reading the header reduced the iterations available for reading the body. Reset max_loops to 5 after the header is fully read so each phase gets its own budget. https://claude.ai/code/session_01KtjpWLMYp9Psbbf6u3HN1C --- usr/lib/python3/dist-packages/privleap/privleap.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/usr/lib/python3/dist-packages/privleap/privleap.py b/usr/lib/python3/dist-packages/privleap/privleap.py index 36b9153..b4c02dc 100644 --- a/usr/lib/python3/dist-packages/privleap/privleap.py +++ b/usr/lib/python3/dist-packages/privleap/privleap.py @@ -654,9 +654,9 @@ def __recv_msg_cautious(self) -> bytes: While there aren't security issues with doing so, you probably shouldn't use __recv_msg_cautious() on the client. It may result in a disconnect while the server is still trying to send data to the client. It bails - out if a read times out, or if it takes more than five combined loop - iterations to read a message (thus giving at most ~0.5 seconds for the - client to send a whole message). + out if a read times out, or if it takes more than five loop iterations + to read the header or body (thus giving at most ~0.5 seconds for each + phase of message reception). """ assert self.backend_socket is not None @@ -685,6 +685,7 @@ def __recv_msg_cautious(self) -> bytes: if msg_len > 4096: raise ValueError("Received message is too long") + max_loops = 5 recv_buf = b"" while len(recv_buf) != msg_len: From 475ab8de0585db12848c2a7e0e9a55c0ceadf983 Mon Sep 17 00:00:00 2001 From: Claude Date: Sun, 5 Apr 2026 10:54:14 +0000 Subject: [PATCH 2/2] Revert "Fix max_loops counter in __recv_msg_cautious shared between header and body reads" This reverts commit 98d8c05b6fca05f008b1ae5667b3d40b1a88d204. --- usr/lib/python3/dist-packages/privleap/privleap.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/usr/lib/python3/dist-packages/privleap/privleap.py b/usr/lib/python3/dist-packages/privleap/privleap.py index b4c02dc..36b9153 100644 --- a/usr/lib/python3/dist-packages/privleap/privleap.py +++ b/usr/lib/python3/dist-packages/privleap/privleap.py @@ -654,9 +654,9 @@ def __recv_msg_cautious(self) -> bytes: While there aren't security issues with doing so, you probably shouldn't use __recv_msg_cautious() on the client. It may result in a disconnect while the server is still trying to send data to the client. It bails - out if a read times out, or if it takes more than five loop iterations - to read the header or body (thus giving at most ~0.5 seconds for each - phase of message reception). + out if a read times out, or if it takes more than five combined loop + iterations to read a message (thus giving at most ~0.5 seconds for the + client to send a whole message). """ assert self.backend_socket is not None @@ -685,7 +685,6 @@ def __recv_msg_cautious(self) -> bytes: if msg_len > 4096: raise ValueError("Received message is too long") - max_loops = 5 recv_buf = b"" while len(recv_buf) != msg_len: