Re: /bzr/squid3/trunk/ r9766: Bug 2674: Remove limit on HTTP headers read.

From: Alex Rousskov <rousskov_at_measurement-factory.com>
Date: Fri, 26 Jun 2009 10:07:21 -0600

On 06/26/2009 01:02 AM, Amos Jeffries wrote:
> ------------------------------------------------------------
> revno: 9766
> committer: Amos Jeffries <squid3_at_treenet.co.nz>
> branch nick: 3.HEAD
> timestamp: Fri 2009-06-26 19:02:45 +1200
> message:
> Bug 2674: Remove limit on HTTP headers read.
>
> Headers may be accumulated over more than one read. It does not make
> sense to limit the internal copy of the accumulated read buffer to 64KB.
>
> Reverts the internal read buffer to MemBuf defaults. This may cause
> issues where headers are of unbounded size. But those are expected to be
> caught by the header parser.
> modified:
> src/http.cc

Hi Amos,

    FYI: I have seen Squid crash if request header size limit is set to
"none" or a large value in squid.conf. There were several problems
leading to those crashes, some of them having to do with header
field->string conversions (String size limits are about 64K). Perhaps
things changed in v3.1, but in v3.0 the header parser was not catching
or could not catch all of the corner cases.

One of the test cases is a forwarding loop with unlimited X-Forward-For
growth.

I am not saying the changes should be reverted. Just want to share the
above info in case you start seeing crashes on large headers.

HTH,

Alex.
Received on Fri Jun 26 2009 - 16:07:27 MDT

This archive was generated by hypermail 2.2.0 : Sat Jun 27 2009 - 12:00:04 MDT