[Bug 59926] New: ServerCookie memery leak

Tue, 02 Aug 2016 04:23:47 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=59926

            Bug ID: 59926
           Summary: ServerCookie memery leak
           Product: Tomcat 9
           Version: unspecified
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: gehill...@sina.com

Created attachment 34090
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34090&action=edit
avoid serverCookie memery leak

i have a test 


GetMethod getMethod = new GetMethod("http://127.0.0.1:8080/";);
Header h = new Header();
h.setName("Cookie");
StringBuilder sb=new StringBuilder();
for(int i=0;i<2000;i++){
    sb.append("a=b;");
}
h.setValue(sb.toString());
getMethod.addRequestHeader(h);
nt statusCode = httpClient.executeMethod(getMethod);


there are larger number ServerCookie arrays is cached in heap.

We saw two issues in this case:

1) the size of org.apache.tomcat.util.http.Cookies#scookies array never gets
shrunk after recycle,  once it is dynamically resized. 

2) the number of org.apache.tomcat.util.http.ServerCookie object can be
dramatically large, which might lead to memory leak. A maxHeaderSize of 8k has
limit the number of ServerCookie object to no more than 2k, assuming each
cookie is 4 bytes (e.g. 'a=b;'). This may have limited impact for a web
application with low concurrency. However, for a heavily concurrent, NIO-based
connector, this may have a  huge impact. Suppose a malicious client is sending
2k concurrent request, each sending 2k cookies, at tomcat side there will be 2k
* 2k = 4m ServerCookie objects. Since the default maxConnection value is 10k
for NIO, there can be at most 20m Server Cookies objects, and cannot be
recycled because of 1).



We modify as follows:
1) shrink the org.apache.tomcat.util.http.ServerCookie object array back to its
initial size after recycling org.apache.tomcat.util.http.ServerCookies object.

2) add a maxCookieCount configuration to limit the number of cookie to process.
When exceeding the limit, throw exception just like the limit of head. The
default value of maxCookieCount shall be unlimited to be compatible with
current behavior, and configurable via server.xml

3) limit the max size of org.apache.tomcat.util.http.Cookies#serverCookies
array. We argue the growing strategy here that the number of ServerCookie
object should have an upper limit. for example, if maxHeaderSize is 9k and
cookie string is 'a=;b=;...', then the number of ServerCookie object should be
no more than 3k, hence the growing from 2k -> 4k will be unnecessary.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to