This repository was archived by the owner on Oct 1, 2018. It is now read-only.

Specially crafted SWA request can take down server with OOM #77

@glassfishrobot

Description

Currently there is no protection against malicious SWA requests where the SOAP part of the request is specially crafted to consume as much memory as possible on the server (in the XML parser). This might lead to OOM and system unavailability. We have created a fix (lets you set max size of body part) that can be found here: https://github.com/digipost/saaj/commit/1e65b801508e6be12ece76120dd00ad04022f4c0

Affected Versions

[current]
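
The mitigation named in the issue, a maximum size for a body part, can be sketched as a stream wrapper that stops reading once a byte budget is exceeded, so the oversized SOAP part never reaches the XML parser in full. This is an added example, not code from the issue or from the linked commit; the class name `BoundedPartStream`, the 64 KiB limit and the sample payload are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

/** Hypothetical helper: fails once more than maxBytes have been read from a body part. */
public class BoundedPartStream extends FilterInputStream {
    private final long maxBytes;
    private long count;

    public BoundedPartStream(InputStream in, long maxBytes) {
        super(in);
        this.maxBytes = maxBytes;
    }

    // Add n bytes to the running total and abort as soon as the budget is exceeded.
    private void account(long n) throws IOException {
        if (n > 0 && (count += n) > maxBytes) {
            throw new IOException("SOAP part exceeds limit of " + maxBytes + " bytes");
        }
    }

    @Override public int read() throws IOException {
        int b = super.read();
        account(b >= 0 ? 1 : 0);
        return b;
    }

    // FilterInputStream.read(byte[]) delegates here, so both bulk reads are counted.
    @Override public int read(byte[] buf, int off, int len) throws IOException {
        int n = super.read(buf, off, len);
        account(n);
        return n;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a SOAP part padded far beyond the assumed 64 KiB limit.
        String soap = "<Envelope><Body>" + "A".repeat(1 << 20) + "</Body></Envelope>";
        InputStream part = new ByteArrayInputStream(soap.getBytes(StandardCharsets.UTF_8));
        try (InputStream limited = new BoundedPartStream(part, 64 * 1024)) {
            byte[] buf = new byte[8192];
            while (limited.read(buf, 0, buf.length) != -1) { /* a parser would consume here */ }
            System.out.println("accepted");
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

A byte limit bounds only the size of the input; limits on what the XML parser expands from that input are configured on the parser separately.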
