Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: httpd.apache.org > bugs > 02 > 072446.html (Request Expert httpd.apache.org Support)

DO NOT REPLY [Bug 11236] New: - Possible Log exhaustion bug?

From: <bugzilla(at)apache.org>
Date: Sat Jul 27 2002 - 16:10:57 EDT


DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11236>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11236

Possible Log exhaustion bug? 

           Summary: Possible Log exhaustion bug?
           Product: Apache httpd-1.3
           Version: 1.3.23
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Minor
          Priority: Other
         Component: Other
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: dh@uptime.at

Greetings. I am not quite sure if you should classify this as a bug, but I thought it would be interesting to pass it along. On all redhat systems and many others I had a look at, the standard installation of Apache logs the full path to a file that produces a 404 file not found or 414 Request URI-Too Large.

I was experimenting witht he following command: wget `perl -e 'print "host"; print "A"x######; print "/";'`

While doing this I simply tailed the access log of the server I used to test this on. I tried numbers between 6000 and 64000. I did not bother to try larger numbers due to the limitations of wget. However I noticed, that access_log wrote all of the xxxx thousand "A" I put into the request into the logfile. Even when the request URI was obviously too large all of the xxx chars in the path are logged.
This creates a possible space exhaustion on the partition apache logs upon. If I can write more than 64000 chars per request into the logfile it should be farily easy to cram the logfile. Also I noticed a slight delay while apache is writing the 64000 chars to the logfile.

Is this a valid concern? Thank you.


To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org Received on Sat Jul 27 20:10:35 2002

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 16:43:45 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library