Bug 13608 - Limit the size of the request from the compile server client
Summary: Limit the size of the request from the compile server client
Status: RESOLVED FIXED
Alias: None
Product: systemtap
Classification: Unclassified
Component: server (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: ---
Assignee: Abe Jakop
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-01-20 20:48 UTC by Dave Brolley
Modified: 2016-03-15 21:02 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dave Brolley 2012-01-20 20:48:18 UTC 
In order to prevent DOS, the size of the request package received from the client should be limited to some configurable maximum.
Comment 1 Frank Ch. Eigler 2016-01-14 20:52:52 UTC 
Limiting the compressed .zip file size is pretty easy; we'd also want to limit the uncompressed size (to reduce the likelihood of a -ENOSPC later).  To do the latter, one might need to run "unzip -l" or "zipinfo" on the file and scrape the output for estimating uncompressed sizes.
Comment 2 Abe Jakop 2016-03-15 21:02:21 UTC 
Fixed by commit c1531f3f48faf5d45949210712ef0e9420297b12

To limit the compressed client request there is the stap-server option --max-compressed-request which takes a size parameter in bytes. The default max compressed request size is 5000 bytes.

To limit the uncompressed client request, there is the stap-server option --max-request-size which takes a size parameter in bytes. The default max uncompressed request size is 50000 bytes.