varnish crash

Per Buer perbu at
Wed Dec 10 08:45:56 CET 2014


On Tue, Dec 9, 2014 at 8:11 PM, Brice Burgess <nesta at> wrote:

> On 12/09/2014 11:00 AM, Mattias Geniar wrote:
>> It seems your workspace got exhausted due to the length of the URL your
>>> received.
>> To fix this, add the "http_req_hdr_len" parameter to your Varnish startup;
>> -p http_req_hdr_len=8192
>> Increase if needed.
> Yowser! So you can crash Varnish by sending extremely large request URLs?
> I hope this is not the case in 4.0. Failing gracefully would be nice.

Of course not. That would have been a rather obvious DoS and would have
been posted to the various sec-lists in a few minutes.

However, you might exhaust your workspace if you start copying the long URL
around a lot or otherwise process it. That is what it seems is happening

*Per Buer*
CTO | Varnish Software AS
Cell: +47 95839117
We Make Websites Fly!
[image: Register now]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the varnish-misc mailing list