couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dav...@apache.org
Subject [7/8] git commit: Limit rewrite recursion depth
Date Wed, 25 Apr 2012 22:18:25 GMT
Limit rewrite recursion depth

Loops in the rewriter would end up pegging the CPU until memory was
exhausted. Max recursion is now configurable and limited to 100
iterations.

Fixes: COUCHDB-1441


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/d076976c
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/d076976c
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/d076976c

Branch: refs/heads/master
Commit: d076976cafc7ae01555f69808a7bdf0e84ec5702
Parents: 40a4e33
Author: Ronny Pfannschmidt <Ronny.Pfannschmidt@gmx.de>
Authored: Wed Mar 28 16:58:20 2012 +0200
Committer: Paul Joseph Davis <davisp@apache.org>
Committed: Wed Apr 25 16:54:08 2012 -0500

----------------------------------------------------------------------
 CHANGES                             |    2 ++
 share/www/script/test/rewrite.js    |   16 ++++++++++++++++
 src/couchdb/couch_httpd_rewrite.erl |   11 +++++++++++
 3 files changed, 29 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/d076976c/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index aa9af12..c1bc9ba 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,6 +14,8 @@ HTTP Interface:
 
  * No longer rewrites the X-CouchDB-Requested-Path during recursive
    calls to the rewriter.
+ * Limit recursion depth in the URL rewriter. Defaults to a maximum
+   of 100 invocations but is configurable.
 
 Storage System:
 

http://git-wip-us.apache.org/repos/asf/couchdb/blob/d076976c/share/www/script/test/rewrite.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/rewrite.js b/share/www/script/test/rewrite.js
index aaf8b69..352e6b9 100644
--- a/share/www/script/test/rewrite.js
+++ b/share/www/script/test/rewrite.js
@@ -457,4 +457,20 @@ couchTests.rewrite = function(debug) {
   var url = "/test_suite_db/_design/requested_path/_rewrite/show_rewritten";
   var res = CouchDB.request("GET", url);
   TEquals(url, res.responseText, "returned the original url");
+
+  var ddoc_loop = {
+    _id: "_design/loop",
+    rewrites: [{ "from": "loop",  "to": "_rewrite/loop"}]
+  };
+  db.save(ddoc_loop);
+
+  run_on_modified_server(
+    [{section: "httpd",
+      key: "rewrite_limit",
+      value: "2"}],
+      function(){
+        var url = "/test_suite_db/_design/loop/_rewrite/loop";
+        var xhr = CouchDB.request("GET", url);
+        T(xhr.status = 400);
+  });
 }

http://git-wip-us.apache.org/repos/asf/couchdb/blob/d076976c/src/couchdb/couch_httpd_rewrite.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_rewrite.erl b/src/couchdb/couch_httpd_rewrite.erl
index cb164cd..207891a 100644
--- a/src/couchdb/couch_httpd_rewrite.erl
+++ b/src/couchdb/couch_httpd_rewrite.erl
@@ -119,6 +119,17 @@ handle_rewrite_req(#httpd{
     Prefix = <<"/", DbName/binary, "/", DesignId/binary>>,
     QueryList = lists:map(fun decode_query_value/1, couch_httpd:qs(Req)),
 
+    MaxRewritesList = couch_config:get("httpd", "rewrite_limit", "100"),
+    MaxRewrites = list_to_integer(MaxRewritesList),
+    NRewrites = case get(couch_rewrite_count) of
+        undefined ->
+            put(couch_rewrite_count, 1);
+        NumRewrites when NumRewrites < MaxRewrites ->
+            put(couch_rewrite_count, NumRewrites + 1);
+        _ ->
+            throw({bad_request, <<"Exceeded rewrite recursion limit">>})
+    end,
+
     #doc{body={Props}} = DDoc,
 
     % get rules from ddoc


Mime
View raw message