httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <cliffwool...@yahoo.com>
Subject Re: More Dos -- Large GETs
Date Wed, 31 Oct 2001 01:05:52 GMT
On 30 Oct 2001, Jeff Trawick wrote:

> Jon Travis <jtravis@covalent.net> writes:
>
> > Nope.  I just allocated 1MB of 'x's and sent that buffer a couple hundred
> > times.  It was the httpd process which was growing, not my test program.
> > This was with Apache 2.0 HEAD, BTW, and 100% reproducable for me.
>
> Hmmm... do you have any extra input filters configured?
>
> I don't know what would be different between our tests...  More
> information about mine:
>
> default_handler() was used to generate the response
>
> it calls ap_discard_request_body() which calls
> ap_get_client_block(,,8K) in a loop
>
> no input filters beyond those added automatically to implement HTTP

Ohhhh... I think I see the problem.  In your test, you actually did a
real HTTP request and then had a really big request body.  In Jon's test,
it sounds like he did NOT make a real HTTP request, but instead just sent
millions of x's with no intervening newlines.  So one of the input filters
would just keep reading and reading waiting for that first line to end so
it could see if it's a valid HTTP request or not.

Is that right, Jon?

--Cliff


--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



Mime
View raw message