Evgeny Kotkov created SVN-4616:
----------------------------------
Summary: mod_dav_svn: Unbounded memory usage with PROPFIND requests
Key: SVN-4616
URL: https://issues.apache.org/jira/browse/SVN-4616
Project: Subversion
Issue Type: Bug
Components: mod_dav_svn
Affects Versions: 1.9.3, 1.8.15
Reporter: Evgeny Kotkov
Responding to PROPFIND requests can result in httpd/mod_dav_svn consuming
unbounded amounts of memory.
Reproduction script based on [the user
report|https://mail-archives.apache.org/mod_mbox/subversion-users/201512.mbox/%3c1cee115d02633942a40d49d447dcf46e432f3...@sd01cfmm0202.omega.dce-eir.net%3E]
where the user has a server running out of memory and crashing:
# Create repository with /trunk, /branches, /tags hosted by httpd
# Import a .jar file into /trunk
# Create a tag from /trunk
# Repeat two last steps 9000 times
# Issue a depth 1 PROPFIND request for /tags, either by issuing {code:none}svn
ls -v http://localhost/repository/tags{code} or with curl:
{code:xml}
curl -X PROPFIND -d "<?xml version='1.0' encoding='utf-8'?><propfind
xmlns='DAV:'
xmlns:S='http://subversion.tigris.org/xmlns/svn/'><prop><resourcetype
xmlns='DAV:' /><getcontentlength xmlns='DAV:' /><version-name xmlns='DAV:'
/><creator-displayname xmlns='DAV:' /><creationdate xmlns='DAV:' /><checked-in
xmlns='DAV:' /><S:mime-type /></prop></propfind>" --header "Depth: 1"
http://localhost/repository/tags
{code}
# The memory consumption while the server handles PROPFIND request will grow
quickly. Creating new tags will increase the absolute amount of memory required
to handle the request.
See the e-mail thread ["\[RFC/PATCH\] Handling PROPFIND in
mod_dav_svn"|https://mail-archives.apache.org/mod_mbox/subversion-dev/201512.mbox/%3CCAP_GPNhA4hBFdOC7Z1D-K9h_NHm8d7WjyfSF4oUOteUepkjaaA%40mail.gmail.com%3E]
on the [email protected] mailing list for the discussion of the problem and the
possible solution.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
