Assert error in WSLR() on SLT_HttpGarbage

Poul-Henning Kamp phk at
Fri Sep 2 17:19:15 CEST 2011

In message <CAK6bCax=JYWzHr9r5z_=wyLMyYQfnsdP6e1Kinmdx_sauL_MmA at>
, Jean-Baptiste Quenot writes:

>1) is it a difficult task to provide a meaningful error message in the
>crash report?

It's a bug which only got fixed just after 3.0.1 unfortunately.

>2) why not issue a 413 entity too large when some headers longer than
>http_req_hdr_len, instead of crashing?


At the time the consensus was that if we saw something that was too
long, it was probably an attack of some kind and just closing was
the best idea.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the varnish-dev mailing list