id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
36768	File.__iter__() Quadratic-time DoS	wooseokdotkim		"I thought the code below could generate DoS, so I made a bug report
However, File._iter__ was not recognized as a bug because only one line was buffered and only worked for chunks returned from File.chunks, but it was determined that verification code for input should be added, so it was created as an open ticket.

The code pattern is similar to CVE-2023-36053, which is already released, so I think it needs to be modified.

code: django/core/files/base.py:89

{{{
def __iter__(self):
    buffer_ = None
    for chunk in self.chunks():
        for line in chunk.splitlines(True):
            if buffer_:
                line = buffer_ + line  # < Code!
}}}


How should I patch it?
"	Bug	new	Uncategorized		Normal		DoS	wooseokdotkim	Unreviewed	0	0	0	0	0	0