The proposed patch seems to correctly implement a timeout, which prevents the loop from running forever. However, it's still impossible to upload avatars from servers which use keepalive. Because these servers hold the connection open after sending the image, feof will never return true. The only way this loop will terminate is by timing out, which will cause the upload to fail. For example, uploading this avatar does not work:
The loop needs to check if it has already received all the bytes that were promised by the server response's Content-Length header (if present), and return the successful upload. I'll submit a patch with that additional code.