corazawaf / coraza-proxy-wasm

proxy-wasm filter based on Coraza WAF
Apache License 2.0

memoryLimit reached while writing #291

Open i5-650 opened 3 weeks ago

i5-650 commented 3 weeks ago

Description

I'm developing a PHP application that handles image uploads to a server. The application is straightforward and primarily serves as a testbed for using Traefik and its plugins.

While integrating the Coraza plugin with Traefik, I encountered the following error:

ERR Failed to read request body tx_id="MgnMwDtswTYfBQTgNZy" error="memoryLimit reached while writing" entryPointName=https middlewareName=coraza-owasp@file middlewareType=wasm routerName=php_uploader@docker

if the image is bigger than 1MB

and:

DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 500 Internal Server Error error="net/http: HTTP/1.x transport connection broken: http: ContentLength=113348 with Body length 0"

if the image is smaller than 1MB

Steps to reproduce

The PHP app:

<?php

if(isset($_POST) && isset($_POST['submit']) && isset($_FILES) && isset($_FILES['files'])) {
    $email = $_POST['email'];
    // $username is not set anywhere in this excerpt
    create_dir_if_not_exists("./uploads/$username");
    // Number of files submitted through the files[] input
    $total = count($_FILES['files']['name']);
    $isOk = true;

    for($i = 0; $i < $total; $i++) {
        $tmp_file = $_FILES['files']['tmp_name'][$i];

        // Stop at the first file that fails validation
        if(!is_acceptable_file($tmp_file)) {
            return;
        }

        if($tmp_file != "") {
            $new_file = "imagine code here";
            $isOk &= move_uploaded_file($tmp_file, $new_file);
        }
    }
    // Redirect...
}
?>
<html>
    <!-- imagine the rest of the code here -->
    <form action="/" method="post" enctype="multipart/form-data">
        <div>
            <label for="email">Email</label>
            <input type="email" id="email" name="email" required/>
            <label for="files">File(s) to send:</label>
            <input type="file" name="files[]" id="files" multiple accept="image/*" required />
        </div>
        <button type="submit" name="submit">Upload Images !</button>
    </form>
</html>

and the following labels:

        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.php_uploader.rule=Host(`localhost`)"
            - "traefik.http.services.php_uploader.loadbalancer.server.port=80"
            - "traefik.http.routers.php_uploader.entrypoints=https"
            - "traefik.http.routers.php_uploader.tls=true"
            - "traefik.http.routers.php_uploader.middlewares=coraza-owasp@file,cloudflarewarp@file"

The Traefik: v3.1.2 (image id: dfdbdfae3fb3)

The Coraza middleware: v0.2.2

http:
    middlewares: 
        coraza-owasp:
            plugin: 
                coraza:
                    directives: 
                        - Include @coraza.conf-recommended
                        - Include @crs-setup.conf.example
                        - Include @owasp_crs/*.conf
                        # I tried to disable the rule that stops me
                        - SecRuleRemoveByTag 'OWASP_CRS/POLICY/SIZE_LIMIT'
                        - SecRuleEngine On

Expected result

I should have the images uploaded to my server; the .ini file is edited to allow this, and it works without the Coraza middleware.

Actual result

I have this error:

ERR Failed to read request body tx_id="MgnMwDtswTYfBQTgNZy" error="memoryLimit reached while writing" entryPointName=https middlewareName=coraza-owasp@file middlewareType=wasm routerName=php_uploader@docker

or

DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 500 Internal Server Error error="net/http: HTTP/1.x transport connection broken: http: ContentLength=113348 with Body length 0"

And the server returns a 500.
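Added example (not part of the original report and not code from Traefik or Coraza): a small triage script that separates the two log signatures quoted above, so that 500s caused by the WAF middleware failing to buffer a body can be counted apart from requests forwarded with a body shorter than their declared Content-Length. The function names and the `kind` labels are assumptions made for this example; the sample lines are the ones from the report.

```python
import re
from collections import Counter

# Sample input: the two log lines quoted in the report above.
SAMPLE_LOG = [
    'ERR Failed to read request body tx_id="MgnMwDtswTYfBQTgNZy" error="memoryLimit reached while writing" entryPointName=https middlewareName=coraza-owasp@file middlewareType=wasm routerName=php_uploader@docker',
    'DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 500 Internal Server Error error="net/http: HTTP/1.x transport connection broken: http: ContentLength=113348 with Body length 0"',
]

# key=value or key="quoted value" fields, as they appear in the lines above.
FIELD_RE = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S+))')
# Go's net/http wording when fewer body bytes were sent than Content-Length declared.
MISMATCH_RE = re.compile(r'ContentLength=(\d+) with Body length (\d+)')


def parse_fields(line):
    """Return the key/value fields of one log line as a dict."""
    return {k: (q if q else bare) for k, q, bare in FIELD_RE.findall(line)}


def classify(line):
    """Label a line with the failure signature it carries, or return None."""
    fields = parse_fields(line)
    err = fields.get("error", "")
    # Signature 1: the wasm middleware could not buffer the request body.
    if err == "memoryLimit reached while writing" and fields.get("middlewareType") == "wasm":
        return {"kind": "waf_body_buffer_limit", "tx_id": fields.get("tx_id"),
                "middleware": fields.get("middlewareName"), "router": fields.get("routerName")}
    # Signature 2: the body sent upstream was shorter than the declared length.
    m = MISMATCH_RE.search(err)
    if m and int(m.group(1)) > int(m.group(2)):
        return {"kind": "content_length_mismatch",
                "declared": int(m.group(1)), "sent": int(m.group(2))}
    return None


def summarize(lines):
    """Return the findings and a per-kind count for a batch of log lines."""
    findings = [f for f in map(classify, lines) if f]
    return findings, Counter(f["kind"] for f in findings)


if __name__ == "__main__":
    findings, counts = summarize(SAMPLE_LOG)
    print(findings, dict(counts))
```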

i5-650 commented 3 weeks ago

Update:

I figured out that it's linked to issue #280.

If you simply disable the body processing (SecRequestBodyAccess Off), it works fine.

M4tteoP commented 2 weeks ago

Hey @i5-650, reading about Traefik and Coraza middleware v0.2.2 makes me think that the issue belongs to the http-wasm connector (here is the proxy-wasm one, similar names, but different ABI and Coraza connector): https://github.com/jcchavezs/coraza-http-wasm