[
https://issues.jboss.org/browse/SOLDER-340?page=com.atlassian.jira.plugin...
]
Melloware Inc updated SOLDER-340:
---------------------------------
Steps to Reproduce:
I have attached a maven project for a simple WAR file that can reproduce it.
Reproduction Instructions:
1. Unzip the war and run "mvn clean package" to build the memoryleak.war.
2. Deploy it in a Jboss AS 7.1.1.
3. Download and run the OWASP DirBuster app.
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
4. The DirBuster app comes with a file directory-list-2.3-medium.txt which is what we used
to simulate the run. It attemps to just access random urls under the main webapp.
Attached is a screenshot of our exact settings.
was:
I have attached a maven project for a simple WAR file that can reproduce it.
Reproduction Instructions:
1. Unzip the war and run "mvn clean package" to build the memoryleak.war.
2. Deploy it in a Jboss EAP 6.
3. Download and run the OWASP DirBuster app.
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
4. The DirBuster app comes with a file directory-list-2.3-medium.txt which is what we used
to simulate the run. It attemps to just access random urls under the main webapp.
Attached is a screenshot of our exact settings.
Memory Leak during DOS Attack using OWASP DirBuster
---------------------------------------------------
Key: SOLDER-340
URL:
https://issues.jboss.org/browse/SOLDER-340
Project: Solder
Issue Type: Bug
Components: Servlet
Affects Versions: 3.2.0.Final
Environment: ALL
Reporter: Melloware Inc
Priority: Critical
Attachments: memoryleak.zip
During performance testing of our application using OWASP DirBuster to simulate a DOS
attack scanning for directories it appears our EAP 6.0.1 leaked memory until the JVM
Locked up. Even after manually attempting a GC the memory stays frozen and does not free
up.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira