Prevent DoS of dice expressions
Bug #138523 reported by
Cory Dodt
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Glass Vellum |
Confirmed
|
Medium
|
Cory Dodt | ||
Bug Description
e.g. [500d100000x50sort]
There are two attacks involved here.
1. It takes a long-ass time to roll all those dice. (It was about 4:00 of CPU time when PenguinOfDoom tried it.)
2. It generates more text than can be sent to the IRC anyway, so the bot gets kicked off by excess flood.
Look for other potential DoS's in the dice parsing as well.
Revision history for this message
| Cory Dodt (corydodt) wrote | #1 |
| Changed in glassvellum: | |
| assignee: | nobody → corydodt |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
To post a comment you must log in.
DoS can be generated by other things too, apparently. Especially long repsonses to ".aliases" can cause the bot to flood itself off.