Posted to commits@openwhisk.apache.org by gi...@git.apache.org on 2017/06/01 13:14:15 UTC

[GitHub] jlost opened a new issue #2324: Many "Message length exceeded" locks OpenWhisk (DoS vulnerability?)

URL: https://github.com/apache/incubator-openwhisk/issues/2324
 
 
   ## Environment details:
   
   * Ubuntu 14.04.5 LTS
   * Docker version 1.12.0, build 8eab29e
   * ansible 2.1.2.0
   
   ## Steps to reproduce the issue:
   
   1.   Invoke an Action which returns a message that exceeds the 1MB limit. Observe that even if you invoke it as "blocking" and the invocation is short, you will wait until timeout and receive only the Activation ID in the response. Get the Activation, observe that the duration is short in spite of the long wait. 
   2.   Repeat step 1 (invoke as non-blocking or you'll be waiting a very long time) until you get the error "Too many requests for namespace". Check those Activations and verify that they have completed with the "message length exceeded maximum" error.
   3.   Wait a few minutes (or any arbitrary length of time) and try an Action invocation. Observe that you still get the "Too many requests" error, even though none of the requests you made in step 2 are still in flight.
   
   ## Provide the expected results and outputs:
   
   The result I would expect is that in step 1, a "message length exceeded" error is returned to the caller, and in step 3, "Too many requests" would either not occur (because they're quickly being completed, not still in-flight), or would go away after a short time.
   
   ## Provide the actual results and outputs:
   
   Blocking invocations only return the Activation ID after a timeout, and the OW instance becomes locked with "Too many requests". This seems like a Denial of Service vulnerability as well.
   
   
   ## Code Samples
   break-openwhisk.js:
   ```
   // OpenWhisk Node.js action that deliberately returns a result far larger
   // than the 1 MB result limit: roughly 5 MB of "A" plus a short message.
   exports.main = (args) => {
       // Build the oversized payload (same output as the original 5,000,000-iteration loop).
       const bigstring = "A".repeat(5000000);
       // The platform is expected to reject this result with
       // "message length exceeded maximum" rather than return it.
       return { bigstring: bigstring, message: "Should have failed" };
   };
   ```
   spam.sh:
   ```
   #!/bin/bash
   # Fire 200 non-blocking invocations of the oversized action, one per second,
   # until the namespace hits the "Too many requests" concurrency limit.
   # -i: skip TLS certificate verification (self-signed local deployment)
   # -v: verbose output, so the activation ID or error is shown for each call
   for i in {1..200}
   do
       echo "invocation #$i..."
       wsk action invoke -iv break-openwhisk
       sleep 1
   done
   ```
 
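The report above exercises an action whose result is far above the 1 MB result limit. The following is an added example, not code from the issue or from the OpenWhisk project: a small wrapper an action author can use to check the serialized size of a result before returning it, so that an oversized result is replaced by a compact error payload instead of being handed to the platform. The 1 MB value is taken from the report; the wrapper name, the error shape and the two sample actions are assumptions made for this example.

```javascript
// Added example (not from the original issue or the OpenWhisk code base):
// guard an action's result against the 1 MB result-size limit the report mentions.
// The limit value is taken from the report; check what your deployment enforces.
const MAX_RESULT_BYTES = 1024 * 1024; // assumed 1 MB limit

// Measure the serialized size in bytes, not characters: JSON.stringify returns a
// string, and non-ASCII characters occupy more than one byte on the wire.
function resultBytes(result) {
    return Buffer.byteLength(JSON.stringify(result), 'utf8');
}

// Replace an oversized result with a small, well-formed error payload that
// reports the measured size, so the caller learns why the data is missing.
function guardResult(result, limit = MAX_RESULT_BYTES) {
    const size = resultBytes(result);
    if (size <= limit) {
        return result;
    }
    return {
        error: 'result exceeds size limit',
        resultBytes: size,
        limitBytes: limit,
    };
}

// Wrap an action's main() (sync or promise-returning) with the size check.
function withSizeGuard(main, limit = MAX_RESULT_BYTES) {
    return (args) => Promise.resolve(main(args)).then((result) => guardResult(result, limit));
}

// Sample action (constructed for this example): the oversized result from the
// report, roughly 5 MB of "A" plus a short message.
function oversizedMain(args) {
    return { bigstring: 'A'.repeat(5000000), message: 'Should have failed' };
}

// Sample action (constructed for this example): a result well under the limit.
function smallMain(args) {
    return { message: `hello ${(args && args.name) || 'world'}` };
}

// In an action file you would export the guarded entry point as main.
// The typeof check only keeps this file loadable outside a CommonJS module.
if (typeof module !== 'undefined') {
    module.exports = { main: withSizeGuard(oversizedMain), guardResult, resultBytes, withSizeGuard, oversizedMain, smallMain };
}
```

Note that this only protects against results the action itself produces; it does nothing about the platform-side behaviour the report describes (a blocking call waiting until timeout and the namespace staying throttled), which has to be addressed in OpenWhisk.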