Amos Jeffries wrote:
Richard Wall wrote:
I just filed a new bug and wondered if anyone here had seen a similar
problem or had any suggestions about how to track down the possible
memory leak.
* http://bugs.squid-cache.org/show_bug.cgi?id=2973
There seems to be quite a bad memory leak in the way Squid handles HTTP
requests which do not contain a path. For example, one of our
customers Squid
servers, deployed in transparent mode, is receiving many thousands of
such
requests, presumably some sort of DOS attack on the named web server.
Well, yes could have uncovered a successful DoS attack against Squid. If
you are right this may be a very serious bug, or maybe just a rarely
working but fatal attack. I've pinged Henrik on IRC.
If you have any further details or replication on this please use the
squid-bugs@xxxxxxxxxxxxxxx email address instead of the public bugzilla.
At least until we have had more of a chance to verify the risk level and
find a fix.
Thank you.
Amos
For the record:
This has been verified as a Squid-2 specific problem. No security
alert has been made. Squid-2 patch is available at
http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12696.patch.
Squid-3 is unaffected.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.5
