tira-misu
commented
2 years ago It seams that the usage of regex_match() causes huge stack usage.
eg. the call of regex_match() in ServiceImpl::parse_request_line() uses about 100KB of stack for about 100 byte long request line. If the request line is longer, more stack will be used. I think all regex_match() calls can easily lead to a stack overflow even on a 8MB stack size.
Of cause - regex are cool and easy to use. But it would be great to use a more simple way to parse strings with a estimable stack usage.
If you do a request with big header (eg. long authentication token) leads to huge stack consumption. I have seen stack consumption of over 1MB with a authentication token of about 4KB.
So a even bigger token can lead to stack overflow with a single request.
Per default stack size is 8MB in linux. But even this huge stack size can lead to a crash.