The C++ Web Framework (CWF) is a MVC web framework, Open Source, under MIT License, using C++ with Qt to be used in the development of web applications.
with an incoming http requests the server will allocate memory as long as it recieves Data from the
incoming Connection even if a MaxUploadSize was defined. This behaviour will trigger a bad_alloc exception
then the server host runs out of memory and the server application will terminate.
A example would be you upload a 1GB File via a POST request to a server with 512 MB of Memory and no swap.
Issue Fix:
append incoming Data to the content buffer only as long as its size is smaller than maxUploadFile.
Otherwise throw away the Data and than return a Status 403 page
Pull Request Checklist
Please check if your Pull Request fulfills the following requirements:
[x] The commit message has a detailed description of the modifications
[ ] Tests for the changes have been added (for bug fixes / features)
[ ] Docs have been added / updated (for bug fixes / features)
Pull Request Type
What kind of change does this Pull Request introduce?
[x] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[ ] CI related changes
[ ] Documentation content changes
[ ] Other (Please describe)
What is the current behavior?
Issue Number: N/A
What is the new behavior?
Does this Pull Request introduce a breaking change?
Coverage decreased (-0.09%) to 62.473% when pulling 57e6a53c103132b254018640c6130c9ecfe32e2a on wehnersteffensielaff:fix_memory_exhaust into c3b33986ae866d93267c1d76019895006bf75f96 on HerikLyma:master.
Issue Discription:
with an incoming http requests the server will allocate memory as long as it recieves Data from the incoming Connection even if a MaxUploadSize was defined. This behaviour will trigger a bad_alloc exception then the server host runs out of memory and the server application will terminate. A example would be you upload a 1GB File via a POST request to a server with 512 MB of Memory and no swap.
Issue Fix:
append incoming Data to the content buffer only as long as its size is smaller than maxUploadFile. Otherwise throw away the Data and than return a Status 403 page
Pull Request Checklist
Please check if your Pull Request fulfills the following requirements:
Pull Request Type
What kind of change does this Pull Request introduce?
What is the current behavior?
Issue Number: N/A
What is the new behavior?
Does this Pull Request introduce a breaking change?
Other information