Closed buglloc closed 10 years ago
@buglloc I just did not commit the refactor removing the recursion, since it does not really solve the problem and I'm going to change the way the message is applied to the template. Thanks for reporting this problem.
I've found an easy way to DoS attack with a not very large text message. I think the problem is in two things:
1. Replacement of the pattern `~text~` is not the last step when formatting the message
2. Recursion in `ngx_http_push_stream_str_replace`
Look at `ngx_http_push_stream_format_message`: after replacing `~text~`, it replaces `~time~` and `~tag~`, so if the message contains `~time~` or `~tag~` these two patterns will also be replaced.
And now look at `ngx_http_push_stream_str_replace`: for each occurrence of a pattern in a string, it allocates memory for the result string. So if there are many occurrences, it takes a decent amount of time and memory.
For example... Send message:
And watch in htop:
Of course, changing the order in `ngx_http_push_stream_format_message` is enough to solve the problem, but the PR included fixes for both problems.
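The ordering issue and a single-allocation replace, shown as a stand-alone example added here (it is not code from the module or from this PR). The names `replace_all` and `format_message`, the template string and the sample values are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Single pass: count the matches, allocate the result once, then copy.
   No recursion and no per-occurrence allocation. */
static char *replace_all(const char *src, const char *pat, const char *rep)
{
    size_t pl = strlen(pat), rl = strlen(rep), n = 0;
    for (const char *p = src; (p = strstr(p, pat)) != NULL; p += pl) n++;
    char *out = malloc(strlen(src) - n * pl + n * rl + 1), *w = out;
    if (out == NULL) return NULL;
    for (const char *p; (p = strstr(src, pat)) != NULL; src = p + pl) {
        memcpy(w, src, (size_t)(p - src));   /* text before the match */
        w += p - src;
        memcpy(w, rep, rl);                  /* the replacement */
        w += rl;
    }
    strcpy(w, src);                          /* tail after the last match */
    return out;
}

/* text_last = 0: ~text~ is substituted first, so patterns inside the
   client-supplied body are rescanned by the later steps.
   text_last = 1: ~text~ is substituted last; the body is copied verbatim. */
static char *format_message(const char *tpl, const char *text,
                            const char *tm, const char *tag, int text_last)
{
    const char *pat[3] = { "~text~", "~time~", "~tag~" };
    const char *rep[3] = { text, tm, tag };
    const int order[2][3] = { { 0, 1, 2 }, { 1, 2, 0 } };
    char *cur = NULL;
    for (int i = 0; i < 3; i++) {
        int k = order[text_last ? 1 : 0][i];
        char *next = replace_all(cur ? cur : tpl, pat[k], rep[k]);
        free(cur);
        cur = next;
        if (cur == NULL) return NULL;
    }
    return cur;
}

int main(void)
{
    for (int last = 0; last < 2; last++) {   /* constructed sample body */
        char *m = format_message("[~tag~ ~time~] ~text~", "~tag~~time~", "T", "G", last);
        printf("text_last=%d -> %s\n", last, m ? m : "(alloc failed)");
        free(m);
    }
    return 0;
}
```

With `~text~` substituted last, the published body is never scanned for patterns, so its content cannot drive further replacements.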