DO NOT REPLY [Bug 36742] New: - Missing diagnostics in InternalInputBuffer on overly long headers

[bu...@apache.org]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=36742>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=36742

           Summary: Missing diagnostics in InternalInputBuffer on overly
                    long headers
           Product: Tomcat 5
           Version: 5.0.28
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Connector:HTTP
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: greg-apache-bugs@nest.cx


Currently, if a request comes in with a header longer than
maxHttpHeaderSize, Tomcat drops the connection and does not log
anything.

Here is what it looks like from client point of view with the default
maxHttpHeaderSize of 4K.

Overly long header:

% curl  -H "$(perl -e 'print q{X: }, q{a}x10000')" http://tomcat/admin/
curl: (52) Empty reply from server

I am adding a small diagnostic message to catch such cases (patch
attached).

With that patch in place we get a nice message in the logs and we can
grep and see how often we hit the limit:

jvm 1    | Sep 15, 2005 6:51:45 PM org.apache.coyote.http11.InternalInputBuffer fill
jvm 1    | INFO: Request header is too large

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org