Joe Orton wrote:
> On Thu, Jul 02, 2009 at 01:37:22PM +0100, Nick Kew wrote:
>> Joe Orton wrote:
>>
>>> 1) A *linear-time* search on a shm segment, using strstr.
>>> 2) ... for each new connection.
>> With the expectation that the shm segment normally has strlen
>> of zero, and even under attack is just a few bytes.
>
> As far as I can tell, the worst case is when the size of the string in
> the shm segment approaches the maximum in a distributed DoS. The
> maximum will need to be:
>
> (MaxClients / MaxClientConnections) * 47 + 1
>
> (46 is the max length of an IPv6 address, not 18, IIRC, and you need
> +1's for both the space and the NUL terminator which strcpy will append)
>
> That could easily be tens or hundreds of kilobytes, depending on
> configuration. Presuming that strstr() on that could be non-trivial,
> the CPU cost of handling a DDoS attack becomes O(N^2) in an effort to
> mitigate a single-client-DoS. That sounds like a very poor trade-off.
A fixed memcmp of the fixed strlen(match)+1 is sufficient, as you are observing the trailing NULL, which should correspond to the individual client IP strings' trailing NULLs. strstr is certainly suboptimal.
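As an added illustration (not code from this thread or from httpd), here is a fixed-slot shm layout with the memcmp lookup described above, beside the strstr prefix match it replaces; the slot size, segment size and function names are assumptions.

```c
/* Added example: fixed 47-byte slots, one NUL-terminated address per slot.
 * Slot layout, segment size and function names are assumptions, not httpd's. */
#include <string.h>
#include <stdio.h>

#define SLOT_SIZE 47   /* 46 chars (max IPv6 text) + trailing NUL, per the thread */
#define NSLOTS    4    /* constructed sample segment: small on purpose */

static char shm_segment[NSLOTS * SLOT_SIZE];   /* zero-filled: empty slots */

/* Record an address in slot i; strcpy appends the trailing NUL. */
static int shm_set(size_t i, const char *ip)
{
    if (i >= NSLOTS || strlen(ip) >= SLOT_SIZE) return -1;
    strcpy(shm_segment + i * SLOT_SIZE, ip);
    return 0;
}

/* Exact-match lookup: compare strlen(ip)+1 bytes per slot, so the probe's
 * NUL must line up with the slot's terminating NUL. One short memcmp per
 * slot, no substring scan. Returns the slot index or -1. */
static int shm_find_memcmp(const char *ip)
{
    size_t n = strlen(ip) + 1;           /* include the NUL */
    if (n > SLOT_SIZE) return -1;
    for (size_t i = 0; i < NSLOTS; i++)
        if (memcmp(shm_segment + i * SLOT_SIZE, ip, n) == 0)
            return (int)i;
    return -1;
}

/* The search being replaced: strstr reports a hit for any prefix,
 * e.g. "10.0.0.1" inside "10.0.0.10". Returns 1 on a (possibly false) match. */
static int slot_has_substring(size_t i, const char *ip)
{
    return strstr(shm_segment + i * SLOT_SIZE, ip) != NULL;
}

int main(void)
{
    shm_set(0, "10.0.0.10");
    shm_set(1, "2001:db8::1");
    printf("memcmp: slot for 10.0.0.1 = %d\n", shm_find_memcmp("10.0.0.1"));   /* -1 */
    printf("strstr: 10.0.0.1 in slot 0 = %d\n", slot_has_substring(0, "10.0.0.1")); /* 1 */
    return 0;
}
```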
