Jump to content
Tuts 4 You
Sign in to follow this  
Pancake

Limit thread execution time

Recommended Posts

Pancake

Hello. Im coding small server with c++11 which is running on linux, everything works as fine as it should, but i got security question. It is multithreaded server, so every new client has new thread which exits at connection exit. Connection takes jsut few seconds, to check if the key is registered in the database. But the problem is, what if someone wants to fornication me up and opens many connections which lead to creation of so many threads that server will crash? I did not find any solution to limit the time of std::thread execution time, to kill it after 5 seconds if it not exited. Do you have any suggestions? Greetz

Hmm actually i think i found std::future and std::async.. :)

Edited by Pancake (see edit history)

Share this post


Link to post
simple

"just a few seconds"? r u on a 1g/2g connection? basic task like keycheck should be taking milliseconds

if by "limit thread execution time" u mean time ur code, there's a lot of ways to do that, but will still probably fail and slow ur code down even slower than it already is.

Better ways are to limit connections p/ip, limit countries, edit how many threads p/process (depending on distro shuld be somewhere in /etc), limit cpu consumption p/thread, limit memory consumption p/thread (and if it's really intense then use swap memory so real memory/cpu isn't affected) use one of millions of server admin tools to monitor server proc, make sure connect routine doesn't empty memory via new/malloc/etc, etc etc. Search around theres a lot of info on this

Share this post


Link to post
Pancake

What i mean is i spawn new thread which calls recv which is blocking (it doesnt block main program boviosuly, but hangs single thread). So theoretically someone who wants to spoil my thing can open many connections and NOT send a byte of data so my server will spawn huge ammount of threads, one per every connection, and every thread will be waiting for recv which will not come. And so the service will be blocked. So if someone would like to do so i would simply kill thread if its execution takes linger than 1-2 seconds.

I was also thinking of asynchronus solution but meh, the server is fully stable and working on multithread, just that theoretical flaw i worry about

Edited by Pancake (see edit history)

Share this post


Link to post
simple

No thats easy to do in practice not just theory.

I think u need to read Beej's guide to network programming & learn sockets. Few exceptions aside, for a million reasons - all sockets should be non blocking - even MS says it in their docs. 

W/non blocking - u can tell recv() exactly how long to wait for, so if no data is read past 1-2 seconds recv() will return w/0, program execution continues.

Then I'd limit connections p/IP to 2 or 3, limit # of thread p/proc to maybe 500 or so & u should be ok.

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...