Hello again,
This is a follow-up to my post you can see here [1].
I've tried a little more and found out something really scary.
By using chunked transfer encoding you can continuously send data to
_any_ tomcat servlet. Even if it would generate a 404 or another error.
What I did was to simply use the httpclient library to upload a
stream of random data to a really basic tomcat servlet (that prints
hello world). What happens is that the servlet executes, finishes,
but tomcat continues to read all the data sent by my little program,
even if that continues to infinity. And instead of directly showing
the 404, tomcat will first _always_ show the 100 Continue header,
even if it _doesn't even accept posts/put_.
Sample log:
>>> POST /backend/test HTTP/1.1[\r][\n]
>>> User-Agent: Jakarta Commons-HttpClient/3.1[\r][\n]
>>> Host: *******:8443[\r][\n]
>>> Expect: 100-continue[\r][\n]
>>> Transfer-Encoding: chunked[\r][\n]
>>> [\r][\n]
<<< HTTP/1.1 100 Continue[\r][\n]
<<< [\r][\n]
>>> *3 megabytes of random garbage data here*
<<< HTTP/1.1 405 HTTP method POST is not supported by this URL[\r][\n]
[...]
This probably means that any tomcat server out there having chunked
transfer enabled can be flooded with large amounts of data without
any mechanism inside of the servlet to prevent that from happening,
as far as I can see. This means theoretically one could open an
infinite number of non-terminating sockets to a tomcat server, that
_has_ to hurt performance.
Seems to me like there really needs to be a solution for this issue.
Best regards,
Volker
[1] http://marc.info/?l=tomcat-user&m=120024591128397&w=2
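
The missing safeguard described in the message above is a bound on how much chunked body a server keeps reading once the response is already decided. The sketch below is an added example, not part of the original post and not Tomcat's code: `drain_chunked`, `BodyTooLarge`, the cap value and the sample body are all hypothetical names and constructed data.

```python
import io

HEX = b"0123456789abcdefABCDEF"
SMALL_BODY = b"5\r\nhello\r\n6\r\n world\r\n0\r\n\r\n"   # constructed sample

class BodyTooLarge(Exception):
    """The chunked body (or its trailers) exceeded the configured cap."""

def drain_chunked(stream, max_bytes):
    """Consume a chunked request body from a binary stream, up to max_bytes.

    Returns the number of body bytes read. Raises BodyTooLarge as soon as a
    chunk-size line pushes the running total past max_bytes, before that
    chunk's data is read, so the caller can respond and close the socket.
    """
    total = 0
    while True:
        line = stream.readline(1024)              # bounded chunk-size line
        if not line.endswith(b"\r\n"):
            raise ValueError("truncated or overlong chunk-size line")
        field = line.split(b";", 1)[0].strip()    # ignore chunk extensions
        if not field or any(c not in HEX for c in field):
            raise ValueError("malformed chunk size")
        size = int(field, 16)
        if size == 0:                             # last-chunk reached
            _skip_trailers(stream, max_bytes - total)
            return total
        if total + size > max_bytes:
            raise BodyTooLarge(f"declared {total + size} bytes, cap {max_bytes}")
        data = stream.read(size + 2)              # chunk data plus its CRLF
        if len(data) != size + 2 or not data.endswith(b"\r\n"):
            raise ValueError("truncated chunk")
        total += size

def _skip_trailers(stream, budget):
    """Read trailer fields up to the blank line, charging them to the cap."""
    while True:
        line = stream.readline(1024)
        if line == b"\r\n":
            return
        if not line.endswith(b"\r\n"):
            raise ValueError("truncated trailer section")
        budget -= len(line)
        if budget < 0:
            raise BodyTooLarge("trailer section exceeds remaining cap")

if __name__ == "__main__":
    print(drain_chunked(io.BytesIO(SMALL_BODY), 64 * 1024))
```

When `BodyTooLarge` is raised, the caller would send its already-decided response (the 405 in the log above) and close the connection instead of reading the rest of the stream.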