[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] bug report on 4.1.2p1
On Thu, Mar 09, 2006 at 02:49:55PM +0100, Olivier Beau wrote:
> Hi Henrik,
>
> Doing content checks on "large" web pages (13M) disturbs hobbitd;
> in the log : "Data flooding from 10.33.254.87, closing connection"
> causing a bunch of network checks to go purple..
This is really a safety/security thing to avoid hobbitd consuming all
of memory. Since hobbitd keeps everything in memory, it would be too
easy to launch a denial-of-service attack by just flooding it with data.
> That url did 13M because of a big tomcat dump... and we (sysadmin) don't
> controls the size of the webpages...
I hope your developers weren't forced to explain every bit of that dump :-)
> Do you have a work arround for this ?
Try the attached patch for the network test tool. It limits the amount
of content data that is sent across to 1 MB, but the content check
itself is performed on the full amount of data.
Untested, but fairly simple so I would expect it to work.
Regards,
Henrik
--- bbnet/bbtest-net.h 2005/12/29 16:18:42 1.34
+++ bbnet/bbtest-net.h 2006/03/09 21:55:07
@@ -17,6 +17,8 @@
#define STATUS_CONTENTMATCH_FAILED 902
#define STATUS_CONTENTMATCH_BADREGEX 903
+#define MAX_CONTENT_DATA (1024*1024) /* 1 MB should be enough for most */
+
/*
* Structure of the bbtest-net in-memory records
*
--- bbnet/httpresult.c 2005/12/29 16:19:20 1.19
+++ bbnet/httpresult.c 2006/03/09 21:54:18
@@ -429,6 +429,12 @@
xfree(msgline);
if (req->output) {
+ /* Dont flood hobbitd with data */
+ if (req->outlen > MAX_CONTENT_DATA) {
+ *(req->output + MAX_CONTENT_DATA) = '\0';
+ req->outlen = MAX_CONTENT_DATA;
+ }
+
if ( (req->contenttype && (strncasecmp(req->contenttype, "text/html", 9) == 0)) ||
(strncasecmp(req->output, "<html", 5) == 0) ) {
char *bodystart = NULL;