Skip to content

route regex match fails for large URIs #7728

Closed
@skambashi

Description

@skambashi

Description:
We've noticed that requests with a very long URI crashes our envoy service for routes defined using a regex matcher.

We're not sure if it's due to some overflow bug in Envoy's regex parser, but ideally Envoy should not crash because of a long URI.

Repro steps:
Define a route with a match regex like the following:

"match": {
    "regex": "/asdf/.*"
}

and then make a request with a large URI:

val longString = "a" * (50 * 1024)
client.send("GET", "/asdf/{longString}")

We've gotten around it by using a prefix matcher instead, but this appears to be a potential DoS vulnerability if not a security issue.

Metadata

Metadata

Assignees

Labels

bugno stalebotDisables stalebot from closing an issue

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions