Apache `ab` hammers servers who don't respond
| Originator: | codesorcery | ||
| Number: | rdar://11526250 | Date Originated: | 24-May-2012 11:18 AM |
| Status: | Open | Resolved: | |
| Product: | Mac OS X | Product Version: | 10.7.4 |
| Classification: | Other Bug | Reproducible: | Always |
24-May-2012 11:18 AM Justin Miller: Summary: If you start a simple HTTP server with something like netcat (`nc`) and use Lion's `ab` (Apache Benchmark) tool, it will repeatedly hammer the server with request headers, creating a Denial of Service issue. Steps to Reproduce: 1. Start a simple server with `sudo nc -v -l localhost 80` 2. Try to send a single request with `ab` using `ab -n 1 -c 1 http://127.0.0.1/` 3. Observe the netcat window spew out repeated request headers as `ab` hammers it without mercy, despite being told to only send one request. Expected Results: `ab` should hang and/or give up after a timeout period since the server isn't responding. Actual Results: It's a madhouse! Regression: Doesn't happen in 10.6 or other UNIX platforms. Notes: Here's the entire contents of a diff between stock Apache 2.2.21 `ab` and Lion's version of same: https://gist.github.com/3d168bd4c29fe761c1b9 This appears to possibly reference rdar://7484748
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!