Hi, On Tue, Dec 9, 2014 at 8:11 PM, Brice Burgess <[email protected]> wrote:
> On 12/09/2014 11:00 AM, Mattias Geniar wrote: > >> It seems your workspace got exhausted due to the length of the URL your >>> received. >>> >> >> To fix this, add the "http_req_hdr_len" parameter to your Varnish startup; >> >> -p http_req_hdr_len=8192 >> >> Increase if needed. >> > > Yowser! So you can crash Varnish by sending extremely large request URLs? > I hope this is not the case in 4.0. Failing gracefully would be nice. Of course not. That would have been a rather obvious DoS and would have been posted to the various sec-lists in a few minutes. However, you might exhaust your workspace if you start copying the long URL around a lot or otherwise process it. That is what it seems is happening here. -- *Per Buer* CTO | Varnish Software AS Cell: +47 95839117 We Make Websites Fly! www.varnish-software.com [image: Register now] <http://info.varnish-software.com/varnish-summits-autumn-2014-registration>
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
