[Varnish] #701: Parameters to limit URI / header sizes

Varnish varnish-bugs at varnish-cache.org
Thu May 13 16:01:33 CEST 2010

#701: Parameters to limit URI / header sizes
 Reporter:  slink        |       Owner:  phk                               
     Type:  enhancement  |      Status:  new                               
 Priority:  normal       |   Milestone:                                    
Component:  varnishd     |     Version:  trunk                             
 Severity:  normal       |    Keywords:  max_hdr_len max_uri_len limit size
 There still exist various scenarios where varnish may panic on failed
 assertions when the session workspace gets overflowed. A prominent case is
 extensive header/URI processing involving creation of (multiple) copies on
 the workspace.
 To ensure stable operation, the workspace needs to be sized based on
 maximum values for URI / header sizes.
 Thus, I am proposing to add respective limits.

 The attached patch will add two parameters:

  * max_hdr_len to limit the total size for request and response headers
 (as received from backends), excluding the request/status line, but
 including the terminal CRLF
  * max_uri_len to limit the total size of the request URI as received from

 The latter limit is probably already implied for most installations by
 backend servers' limits, so it seems sensible to make the respective check
 early in the processing chain.

 Thanks, Nils

Ticket URL: <http://www.varnish-cache.org/ticket/701>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator

More information about the varnish-bugs mailing list