DOS issue: Firefox crashing TheHive #899

Closed
frikky opened this Issue Feb 25, 2019 · 12 comments

frikky commented Feb 25, 2019

Request Type

Bug

Work Environment

| Question | Answer |
|---|---|
| OS version (server) | ... |
| OS version (client) | ... |
| TheHive version / git hash | 3.3-RC2 |
| Package Type | Docker |
| Browser type & version | Firefox 65.0.1 |

Problem Description

When you click a case in TheHive 3.3-RC2 from Firefox 65.0.1, it automatically makes the server use all available CPU. I'm guessing this is an infinite loop issue in Angular. This is specific to Firefox 65.0.1, and was not reproducible with e.g. Firefox 60. (Didn't test in between, 64, 63 etc.). This does not occur on earlier versions of TheHive either (e.g. 3.2.1). Not tested without Docker.

Steps to Reproduce

  1. Set up TheHive version 3.3-RC2
  2. Download and set up Firefox 65.0.1
  3. Log in to TheHive
  4. Click any case (Doesn't matter if closed or open)

nadouani commented Feb 25, 2019

Hello, is there any way to take a look at what the browser does, like for example, from the developer console, take a look at the network tab?

frikky commented Feb 25, 2019

I tried, but what happened was that you get a reply on the first request, but all subsequent requests (ctrl+shift+R) don't work.

nadouani commented Feb 25, 2019

Tried that on a Mac OS and it works fine. What client OS are you using?

frikky commented Feb 25, 2019

Tried on Windows and Debian versions :)

nadouani commented Feb 25, 2019

Tested on Ubuntu, works fine.

Do you have any logs? The response of the requests that fail?

frikky commented Feb 25, 2019

Hmm, I'm starting to think this is something I've done myself, since we have some custom things. I'll get back to you 👍

I couldn't find any relevant logs, as it just seems to DOS itself immediately after the first request.

crackytsi commented Feb 25, 2019

Couldn't this be linked with the button issue? Why didn't you upgrade to 3.3 RC4?

nadouani commented Feb 25, 2019

Yes, try even RC5 so we can test on the same version.

frikky commented Feb 25, 2019

Oh, my current custom build is on RC2 (we don't have internet access on servers, so upgrading in general is a hassle, aka I don't do it for every minor upgrade). I'll try, thanks!

nadouani commented Feb 25, 2019

So your version is a custom version of TheHive?

frikky commented Feb 25, 2019

It's basically the normal TheHive with some things like extra severity fields etc. which hasn't broken anything before (been running for a year), hence I thought it might be something happening to everyone. I'll upgrade and test some more before I update you again.

frikky commented Mar 1, 2019

I finally got around to doing the upgrade from RC-2 to RC-5. Everything seems to be working fine now! Problem is I don't really know why..

Thanks for the help :)

frikky closed this Mar 1, 2019
