couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject [1/2] git commit: Limit rewrite recursion depth
Date Tue, 01 May 2012 15:54:18 GMT
Updated Branches:
  refs/heads/1.2.x 58a9b6f3f -> 30334ac87


Limit rewrite recursion depth

Loops in the rewriter would end up pegging the CPU until memory was
exhausted. Max recursion is now configurable and limited to 100
iterations.

Fixes: COUCHDB-1441


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/30334ac8
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/30334ac8
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/30334ac8

Branch: refs/heads/1.2.x
Commit: 30334ac87a90fc88804037cab073caf9fc48de38
Parents: 56744f2
Author: Ronny Pfannschmidt <Ronny.Pfannschmidt@gmx.de>
Authored: Wed Mar 28 16:58:20 2012 +0200
Committer: Jan Lehnardt <jan@apache.org>
Committed: Tue May 1 14:03:45 2012 +0100

----------------------------------------------------------------------
 CHANGES                             |    2 ++
 share/www/script/test/rewrite.js    |   16 ++++++++++++++++
 src/couchdb/couch_httpd_rewrite.erl |   11 +++++++++++
 3 files changed, 29 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/30334ac8/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 8524110..ac55bd4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,8 @@ HTTP Interface:
 
  * No longer rewrites the X-CouchDB-Requested-Path during recursive
    calls to the rewriter.
+ * Limit recursion depth in the URL rewriter. Defaults to a maximum
+   of 100 invocations but is configurable.
 
 Version 1.2.0
 -------------

http://git-wip-us.apache.org/repos/asf/couchdb/blob/30334ac8/share/www/script/test/rewrite.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/rewrite.js b/share/www/script/test/rewrite.js
index aaf8b69..352e6b9 100644
--- a/share/www/script/test/rewrite.js
+++ b/share/www/script/test/rewrite.js
@@ -457,4 +457,20 @@ couchTests.rewrite = function(debug) {
   var url = "/test_suite_db/_design/requested_path/_rewrite/show_rewritten";
   var res = CouchDB.request("GET", url);
   TEquals(url, res.responseText, "returned the original url");
+
+  var ddoc_loop = {
+    _id: "_design/loop",
+    rewrites: [{ "from": "loop",  "to": "_rewrite/loop"}]
+  };
+  db.save(ddoc_loop);
+
+  run_on_modified_server(
+    [{section: "httpd",
+      key: "rewrite_limit",
+      value: "2"}],
+      function(){
+        var url = "/test_suite_db/_design/loop/_rewrite/loop";
+        var xhr = CouchDB.request("GET", url);
+        T(xhr.status = 400);
+  });
 }

http://git-wip-us.apache.org/repos/asf/couchdb/blob/30334ac8/src/couchdb/couch_httpd_rewrite.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_rewrite.erl b/src/couchdb/couch_httpd_rewrite.erl
index cb164cd..207891a 100644
--- a/src/couchdb/couch_httpd_rewrite.erl
+++ b/src/couchdb/couch_httpd_rewrite.erl
@@ -119,6 +119,17 @@ handle_rewrite_req(#httpd{
     Prefix = <<"/", DbName/binary, "/", DesignId/binary>>,
     QueryList = lists:map(fun decode_query_value/1, couch_httpd:qs(Req)),
 
+    MaxRewritesList = couch_config:get("httpd", "rewrite_limit", "100"),
+    MaxRewrites = list_to_integer(MaxRewritesList),
+    NRewrites = case get(couch_rewrite_count) of
+        undefined ->
+            put(couch_rewrite_count, 1);
+        NumRewrites when NumRewrites < MaxRewrites ->
+            put(couch_rewrite_count, NumRewrites + 1);
+        _ ->
+            throw({bad_request, <<"Exceeded rewrite recursion limit">>})
+    end,
+
     #doc{body={Props}} = DDoc,
 
     % get rules from ddoc


Mime
View raw message