Re: [Lit.] Buffer overruns

From: infobahn (infobahn_at_btinternet.com)
Date: 01/31/05


Date: Mon, 31 Jan 2005 16:12:58 +0000 (UTC)

Phil Carmody wrote:
>
> infobahn <infobahn@btinternet.com> writes:
> >
> > [...] If you can DoS the program using valid input, it has
> > major problems. Expensive problems.
>
> Which takes more CPU power:
> 1) A test in PHP to see if a search key has the right form, and
> rejecting a malformed key.
> 2) That test, passed, followed by a SQL query to extract the record
> corresponding to a valid key.

The second, obviously. But the second way is the right way to go.

> Part of the point about validating input is to enable you to reject
> requests before doing too much work. It follows that the ones you
> don't reject take more work to handle. Thus, if correct requests
> can be spoofed, they're a better mechanism for DoSing.

If they're correct requests, I don't see the problem here. Perhaps
I'm being dense. (It wouldn't be the first time.)

> Set up your own home server, and see how many 404s (i.e. the simplest,
> most arbitrary of incorrectly formatted requests) you can handle per
> second. Then stick the simplest possible database behind a CGI handler,
> and compare your throughput. Now you've determined that what you've
> done has "major problems", fix them, and report back here how you fixed
> them.

On this laptop? You /have/ to be kidding. :-)

>
> And what happened to my other questions about you considering logs of
> buffer overruns to be junk, and not genuine?

They are genuine junk! They are genuine in the sense that they
faithfully record genuine buffer overruns, but junk in the sense
that they're likely to be the /same/ report duplicated N times.

> However, I try to avoid the god-forsaken abomination that calls itself
> google groups (2 beta) as much as possible nowadays.

Indeed. I am, however, finding it hard to get out of the habit of
typing .com instead of .co.uk (and I'm /supposed/ to be bright!).