Jsherwood0 update apache_rocketmq_update_config.rb to eliminate hang on check #19038
Conversation
Add a timeout to eliminate the hang in the check method
Eliminate rescue with no specific exception types.
| ::Timeout.timeout(datastore['ConnectTimeout']) do | ||
| @version_request_response = send_version_request | ||
| end |
There was a problem hiding this comment.
My same concerns from here apply as well.
There was a problem hiding this comment.
My same response from here applies to this change also.
There was a problem hiding this comment.
This would be better implemented as a change of this to be timed_read(1024) and then an adjustment here to handle nil and return CheckCode::Unknown.
There was a problem hiding this comment.
That seems to work pretty well, though the rescue after the timed_read should probably only print the stack trace when VERBOSE is set. There's no point in dumping a stack trace for known situations like timeouts, refused connections, unreachable hosts, etc. Did you want me to close this pull request so that you can submit your fix?
There was a problem hiding this comment.
If you want to make the changes, I can get them landed since we're both familiar with the issue at this point. If you'd prefer to not, then sure I can get a PR submitted.
|
These changes were implemented in #19141 so I'm going to close this out as a duplicate. Thanks for raising the issue to our attention. |
Add a timeout to eliminate the hang in the check method
This fix is to ensure that if all else fails, the check will timeout and allow progress to continue instead of hanging on a host that does not reply as expected. This addresses Issue #19035.
Verification
List the steps needed to make sure this thing works
msfconsoleuse exploit/multi/http/apache_rocketmq_update_configcheck