search

HerikLyma / CPPWebFramework

​The C++ Web Framework (CWF) is a MVC web framework, Open Source, under MIT License, using C++ with Qt to be used in the development of web applications.
MIT License
447 stars 119 forks source link

Fix Memory Exhaust Issue #18

Closed wehnersteffensielaff closed 5 years ago

wehnersteffensielaff commented 5 years ago

Issue Discription:

with an incoming http requests the server will allocate memory as long as it recieves Data from the incoming Connection even if a MaxUploadSize was defined. This behaviour will trigger a bad_alloc exception then the server host runs out of memory and the server application will terminate. A example would be you upload a 1GB File via a POST request to a server with 512 MB of Memory and no swap.

Issue Fix:

append incoming Data to the content buffer only as long as its size is smaller than maxUploadFile. Otherwise throw away the Data and than return a Status 403 page

Pull Request Checklist

Please check if your Pull Request fulfills the following requirements:

Pull Request Type

What kind of change does this Pull Request introduce?

[x] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[ ] CI related changes
[ ] Documentation content changes
[ ] Other (Please describe)

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this Pull Request introduce a breaking change?

[ ] Yes
[ ] No

Other information

coveralls commented 5 years ago

Coverage Status

Coverage decreased (-0.09%) to 62.473% when pulling 57e6a53c103132b254018640c6130c9ecfe32e2a on wehnersteffensielaff:fix_memory_exhaust into c3b33986ae866d93267c1d76019895006bf75f96 on HerikLyma:master.