Just put a reply in bugzilla
plus a patch proposal. Reilly weird that we have not been hit by this for such
time. I think we should not buffer.
> -----Ursprüngliche Nachricht-----
> Von: Joe Orton [mailto:jor...@redhat.com]
> Gesendet: Montag, 11. September 2017 19:33
> An: firstname.lastname@example.org
> Betreff: C-L filter buffering snafu
> I may be missing something here, ap_content_length_filter looks broken.
> Currently it implements an unlimited size buffer, by trying to morph
> every indeterminate length bucket into the heap. It has the standard
> "read till it blocks then flush" logic, but this isn't a defence against
> RAM consumption!
> If the (e.g) CGI script is fast enough that read()s never block it just
> keeps on sucking up HEAP buckets, as the simple repro case in the bug
> 1. am I being stupid here?
> 2. otherwise, is there a good defence of why that filter should buffer
> to try to compute a C-L - exactly how much it should buffer & why?!
> Regards, Joe