Bug #4070: possible XMLRPC connectino leak - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #4070

closed

possible XMLRPC connectino leak

Added by shyouhei (Shyouhei Urabe) about 14 years ago. Updated over 13 years ago.

Status:

Rejected

Assignee:

nahi (Hiroshi Nakamura)

Target version:

1.9.3

ruby -v:

ruby 1.9.3dev (2010-11-16 trunk 29806) [x86_64-linux]

Backport:

[ruby-core:33254]

Description

=begin
Hi all.

We got a pull request that claims xmlrpc to have a connection leak.

http://github.com/ruby/ruby/pull/1

But I'm not sure if the code posted there is a "proper" use of XMLRPC module. XMLRPC::Client instance seems to keep a TCP sessions and can issue many RPC calls from it, no need to recreate instances every time. It seems to me that the reporter's code unnecessarily opens too many TCP sessions at once and acts like a kind of DoS attack to a server. Proposed fix ensures this usage and disables TCP session pooling.

Is this a right fix that I can pull into? or should we have a better way?
=end

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #4070

possible XMLRPC connectino leak

Updated by tarui (Masaya Tarui) about 14 years ago

Index: lib/xmlrpc/server.rb¶

Updated by naruse (Yui NARUSE) over 13 years ago

Updated by nahi (Hiroshi Nakamura) over 13 years ago

Updated by nahi (Hiroshi Nakamura) over 13 years ago