varnish crash

Per Buer perbu at varnish-software.com
Wed Dec 10 08:45:56 CET 2014


Hi,

On Tue, Dec 9, 2014 at 8:11 PM, Brice Burgess <nesta at iceburg.net> wrote:

> On 12/09/2014 11:00 AM, Mattias Geniar wrote:
>
>> It seems your workspace got exhausted due to the length of the URL your
>>> received.
>>>
>>
>> To fix this, add the "http_req_hdr_len" parameter to your Varnish startup;
>>
>> -p http_req_hdr_len=8192
>>
>> Increase if needed.
>>
>
> Yowser! So you can crash Varnish by sending extremely large request URLs?
> I hope this is not the case in 4.0. Failing gracefully would be nice.


Of course not. That would have been a rather obvious DoS and would have
been posted to the various sec-lists in a few minutes.

However, you might exhaust your workspace if you start copying the long URL
around a lot or otherwise process it. That is what it seems is happening
here.

-- 
*Per Buer*
CTO | Varnish Software AS
Cell: +47 95839117
We Make Websites Fly!
www.varnish-software.com
[image: Register now]
<http://info.varnish-software.com/varnish-summits-autumn-2014-registration>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20141210/a8569819/attachment.html>


More information about the varnish-misc mailing list