httpd-dev mailing list archives

From "Bill Stoddard" <b...@wstoddard.com>
Subject Re: cvs commit: httpd-2.0 STATUS
Date Fri, 31 May 2002 01:49:26 GMT


> On Thu, May 30, 2002 at 11:17:23PM -0000, jerenkrantz@apache.org wrote:
> > jerenkrantz    02/05/30 16:17:23
> >
> >   Modified:    .        STATUS
> >   Log:
> >   showstoppers++;  (groan)
> >...
> >    RELEASE SHOWSTOPPERS:
> >   +
> >   +    * 413 (invalid chunk size) followed by another request segfaults.
> >   +      Message-ID: <m31ybt4zyt.fsf@rdu88-251-253.nc.rr.com>
> >   +      Status: Justin is completely confounded by this.  It looks like a
> >   +              bucket lifetime bug, but somehow an operation on one
> >   +              brigade is altering another brigade and corrupting it.
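
Review bot: The new showstopper entry records the symptom and a Message-ID but no reproduction detail, and its Status line offers only a guess ("It looks like a bucket lifetime bug"). Consider adding one line describing the request sequence that triggers the segfault (the request rejected with 413 for an invalid chunk size, then the request that follows it) and marking the bucket-lifetime theory as unconfirmed, so the item can be picked up from STATUS without chasing the referenced message.
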
>
> IMO, this isn't a showstopper.
>
> Any current client that happens to *send* chunked data is not going to be
> sending invalid chunk sizes. So we aren't really fixing a problem here, but
> a potential DOS attack. But when you stop and think about it: rather than
> crashing servers, a client could simply attach and wait on the socket. They
> can tie up *way* more processes that way (until the server times them out,
> but that is 15 seconds later; a *lot* longer than it would take to restart a
> crashed child)

And all that child's threads? If we are voting, I vote this is a showstopper. A
segfaulting process can leave an awful lot of cruft lying around.

Bill

