* rc-httpd bug
@ 2015-02-09 8:15 BurnZeZ
2015-02-09 14:55 ` [9front] " Kurt H Maier
0 siblings, 1 reply; 4+ messages in thread
From: BurnZeZ @ 2015-02-09 8:15 UTC (permalink / raw)
To: 9front
lachs0r pointed out a bug involving the request handling.
When someone makes a request, rc-httpd does not limit the size of the request.
It loops getting lines until the request is complete, or rc runs out of memory.
fn getline{
	read | sed 's/'^$"cr^'$//g'	# one line from the client, CR stripped; read(1) does not cap its length
}

done=false
while(~ $"done false){
	line=`{getline}
	if(~ $#line 0)		# an empty line ends the request head
		done=true
	reqlines=$"reqlines$"line'
'			# every line is appended, with no bound on the total size
	# rest of the loop body omitted in the excerpt
}
The preceding excerpts should make the problem apparent.
See /rc/bin/rc-httpd/rc-httpd:/^done/
Another thing of note is that read(1) as used here will read until newline
with no regard for how much data is read.
RFC2616 section 10.4.14 speaks of a response, 413 Request Entity Too Large
> The server is refusing to process a request because the request
> entity is larger than the server is willing or able to process. The
> server MAY close the connection to prevent the client from continuing
> the request.
>
> If the condition is temporary, the server SHOULD include a Retry-
> After header field to indicate that it is temporary and after what
> time the client MAY try again.
This definition leaves it up to the server to decide how much crap it tolerates.
From a quick glance at a few http server implementations, I see limits varying from 1-48 KB.
I'm not familiar enough with http to know how to impose such a limitation without
breaking things.
* Re: [9front] rc-httpd bug
2015-02-09 8:15 rc-httpd bug BurnZeZ
@ 2015-02-09 14:55 ` Kurt H Maier
2015-02-10 13:35 ` BurnZeZ
0 siblings, 1 reply; 4+ messages in thread
From: Kurt H Maier @ 2015-02-09 14:55 UTC (permalink / raw)
To: 9front
tell lachs0r if he wants nginx he knows where to find it
khm
* Re: [9front] rc-httpd bug
2015-02-09 14:55 ` [9front] " Kurt H Maier
@ 2015-02-10 13:35 ` BurnZeZ
2015-02-10 15:19 ` Kurt H Maier
0 siblings, 1 reply; 4+ messages in thread
From: BurnZeZ @ 2015-02-10 13:35 UTC (permalink / raw)
To: 9front
> tell lachs0r if he wants nginx he knows where to find it
Regardless of what lachs0r says, it's probably not the best idea to let
your system be run out of memory serving http.
* Re: [9front] rc-httpd bug
2015-02-10 13:35 ` BurnZeZ
@ 2015-02-10 15:19 ` Kurt H Maier
0 siblings, 0 replies; 4+ messages in thread
From: Kurt H Maier @ 2015-02-10 15:19 UTC (permalink / raw)
To: 9front
Quoting BurnZeZ@feline.systems:
> Regardless of what lachs0r says, it's probably not the best idea to let
> your system be run out of memory serving http.
It's not even a good idea to serve http in the first place. It's amazing
eekee was able to even produce a working httpd in shell; getting fiddly with
trying to harden a daemon which is obviously not intended to base your
business around is probably a waste of time.
Resource exhaustion problems are not easily fixed; see the recent 9fans
thread on the topic. In this case it would be simplest to write a small
utility to handle the ingest and drop the read operation after n bytes.
Patches welcome.
khm
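The suggestion above (a small utility that handles the ingest and drops the read after n bytes) and the unbounded loop quoted in the first message, as an added example in standard C that is not rc-httpd's code and was not written by anyone in the thread. It reads the request head byte by byte the way the rc loop collects lines, but stops at a total byte budget and a per-line budget, the point at which a server may answer 413 and close the connection (RFC 2616 10.4.14). The limits, the names head_reader/head_feed/head_status_code and the chunked feeding interface are assumptions for illustration.

```c
/* Bounded HTTP request-head reader (added example, not rc-httpd's code). */
#include <stdio.h>
#include <string.h>

enum head_status {
    HEAD_NEED_MORE = 0,   /* terminating empty line not seen yet, budgets intact */
    HEAD_COMPLETE,        /* empty line seen; *used tells how much of the chunk was head */
    HEAD_TOO_LARGE,       /* whole head exceeded max_head: answer 413 and close */
    HEAD_LINE_TOO_LONG    /* one line exceeded max_line: also 413 */
};

struct head_reader {
    size_t max_head;   /* budget for the whole request head, in bytes (assumed value) */
    size_t max_line;   /* budget for any single line, in bytes (assumed value) */
    size_t total;      /* bytes accepted so far */
    size_t linelen;    /* bytes of the current, not yet terminated line */
    int    prev_cr;    /* last byte was CR, so "\r\n" on its own counts as empty */
    int    lines;      /* request line plus header lines completed so far */
};

void head_init(struct head_reader *r, size_t max_head, size_t max_line)
{
    memset(r, 0, sizeof *r);
    r->max_head = max_head;
    r->max_line = max_line;
}

/* Feed n bytes as they arrive from the client. Keep calling while the result
 * is HEAD_NEED_MORE. On HEAD_COMPLETE, *used is the number of bytes of this
 * chunk that belonged to the head; anything after it is body. Either error
 * status means the caller stops reading, which is the "drop the read after
 * n bytes" behaviour the thread asks for. */
enum head_status head_feed(struct head_reader *r, const char *data, size_t n, size_t *used)
{
    size_t i;
    for (i = 0; i < n; i++) {
        char c = data[i];
        if (++r->total > r->max_head)
            return HEAD_TOO_LARGE;
        if (c == '\n') {
            /* a bare "\n" or "\r\n" line ends the head, like $#line == 0 in rc */
            size_t visible = r->linelen - (r->prev_cr ? 1 : 0);
            if (visible == 0) {
                *used = i + 1;
                return HEAD_COMPLETE;
            }
            r->lines++;
            r->linelen = 0;
            r->prev_cr = 0;
            continue;
        }
        if (++r->linelen > r->max_line)
            return HEAD_LINE_TOO_LONG;
        r->prev_cr = (c == '\r');
    }
    *used = n;
    return HEAD_NEED_MORE;
}

/* HTTP status a server would send for each outcome; 0 means no error. */
int head_status_code(enum head_status s)
{
    return (s == HEAD_TOO_LARGE || s == HEAD_LINE_TOO_LONG) ? 413 : 0;
}

/* Stand-alone use: read the head from stdin with assumed limits of 8 KB in
 * total and 1 KB per line, and stop reading as soon as a budget is hit. */
int main(void)
{
    struct head_reader r;
    char buf[512];
    size_t n, used = 0;
    enum head_status st = HEAD_NEED_MORE;

    head_init(&r, 8192, 1024);
    while (st == HEAD_NEED_MORE && (n = fread(buf, 1, sizeof buf, stdin)) > 0)
        st = head_feed(&r, buf, n, &used);

    if (st == HEAD_COMPLETE) {
        printf("request head complete: %d lines, %zu bytes\n", r.lines, r.total);
        return 0;
    }
    if (st == HEAD_NEED_MORE) {
        fprintf(stderr, "connection closed before the request head ended\n");
        return 1;
    }
    /* the 413 answer from RFC 2616 10.4.14; the server may then close */
    printf("HTTP/1.1 %d Request Entity Too Large\r\nConnection: close\r\n\r\n",
           head_status_code(st));
    return 1;
}
```

The reader never stores the head itself, so memory use is constant no matter what the client sends; a caller that wants the header text appends each accepted chunk to its own buffer, which the budgets keep bounded. Bytes past the terminating empty line in the last chunk are left for the body handler rather than consumed.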