Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Developers List" <dev@tomcat.apache.org>
From: =?utf-8?Q?Konstantin_Prei=C3=9Fer?= <kpreisser@apache.org>
To: "'Tomcat Developers List'" <dev@tomcat.apache.org>
References: <524B16DC.50506@apache.org>	<524C57AA.4020501@apache.org>
	<524DC7E8.104@apache.org>	<000c01cec14b$9e22ecc0$da68c640$@apache.org>
	<524F39FE.10504@apache.org>	<000d01cec158$08757000$19605000$@apache.org>
 <CAN7Q5XR1+6DaFkuuj2Z-Bi7VxzL0DrtcP_A=NLE5GNwq+OD5KQ@mail.gmail.com>
 <000e01cec1d2$b59496b0$20bdc410$@apache.org> <5250619A.6010801@apache.org>
 <001401cec203$014347c0$03c9d740$@apache.org> <52506C62.6080909@apache.org>
 <000001cec237$74f69530$5ee3bf90$@apache.org> <525184D3.4050904@apache.org>
 <000001cec357$d7031e80$85095b80$@apache.org> <5252ADEC.30807@apache.org>
 <000101cec35e$6ca9e9e0$45fdbda0$@apache.org> <5252BCCC.50008@apache.org>
 <002001cec366$e43bfc20$acb3f460$@apache.org>
In-Reply-To: <002001cec366$e43bfc20$acb3f460$@apache.org>
Subject: RE: 8.0.x / 7.0.x progress
Date: Mon, 7 Oct 2013 17:34:56 +0200
Message-ID: <003b01cec372$c7dbec50$5793c4f0$@apache.org>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Thread-Index: 
 AQGcABAZ+zUAjwXqhneQ+wQSEA5PCAJDAKznAphVvLoCa+XdiQGmDBRuAgIBdcUB5O+whgHxnVXKAjua2esCCMLHrgKBcqc3ArJIsEkBT7KHIgIq0AVZApH3BVgC6nw4UgJ62KrKANJgSeSZKtK3gA==
Content-Language: de


> -----Original Message-----
> From: Konstantin Prei=C3=9Fer [mailto:kpreisser@apache.org]
> Sent: Monday, October 7, 2013 4:10 PM
> To: 'Tomcat Developers List'
> Subject: RE: 8.0.x / 7.0.x progress
>=20
> Hi Mark,
>=20
> > -----Original Message-----
> > From: Mark Thomas [mailto:markt@apache.org]
> > Sent: Monday, October 7, 2013 3:53 PM
> > To: Tomcat Developers List
> > Subject: Re: 8.0.x / 7.0.x progress
> >
>=20
> > > To me this reads that by default (value =3D -1), there is no limit =
when
> > processing whole messages, so I think Tomcat should handle such =
large
> > messages when not using methods to read partial messages.
> > >
> > > Am I missing something?
> >
> > DoS via a single large message that triggers an OOME.
>=20
> Yes, that can happen if there is no value specified for the maximum =
message
> size. (I thought it would be the application's responsibility so set a =
reasonable
> limit there, e.g. with the maxMessageSize attribute).
>=20
> But what I meant was, that the javadoc specifies that "-1" is the =
default value
> which means that there is no limit when receiving the message (as a =
whole),
> and the ChatAnnotation does not specify a value in its OnMessage
> annotation. So Tomcat does not seem to implement this default value.
>=20
> Also, when I change the value to something like this:
>=20
>     @OnMessage(maxMessageSize =3D 10000000L)
>=20
> so that Tomcat should be able to receive 10 MB messages, but it still =
does not
> receive the 10000 characters string message.

Sorry - I think I missed something regarding the buffer size in the =
session.

When setting session.setMaxTextMessageBufferSize(1000000); (e.g. in =
onOpen method), then Tomcat does indeed receive messages with such size, =
and it calls the @OnMessage method
 I also noticed that when using @OnMessage with maxMessageSize that is =
lower than the one set in session.setMaxTextMessageBufferSize, the =
message will be rejected.
So it seems that first the limit from =
session.setMaxTextMessageBufferSize(...) is applied, and then the limit =
from @OnMessage(maxMessageSize =3D ...) is applied. Is this correct?

Note that for the BIO connector, this does not seem to work - there =
Tomcat does not call the OnMessage method when such large message is =
received (and I also was not able to receive partial messages), whereas =
for NIO it works.


Regards,
Konstantin Prei=C3=9Fer


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org