[mod_python] file upload very slow in fieldStorage

Barry Pearce barry.pearce at copyrightwitness.net
Sun Mar 27 05:10:10 EST 2005 

Hi,

um. The problem is in the streaming itself.
use of req.readline does not limit the amount of memory used. Should a 
binary file be uploaded it potentially loads everything into memory.

I believe that all readline() calls involved in file data with or 
without the content disposition header should use a limited readline() - 
I am currently experimenting with my fix and  a 64KB buffer size seems 
to work well. Although this highlights other issues - namely the line 
'sline = line.strip()'. If the line size is not even remotely close to 
the boundary line length then the strip will just eat another ~64KB of 
memory...

Ill post new code when Its working to my satisfaction.

Cheers,
Barry

Nicolas Lehuen wrote:
> I've entered this in the JIRA bug repository :
> 
> http://issues.apache.org/jira/browse/MODPYTHON-40
> 
> Regards,
> Nicolas
> 
> 
> On Fri, 25 Mar 2005 14:20:42 -0600, Nick <nick at dd.revealed.net> wrote:
> 
>>Nicolas Lehuen wrote:
>>
>>>Like I've wrote in another mail, FieldStorage will stream only if the
>>>Content-Disposition header of the file part of the POST entity
>>>contains a filename attribute (see mod_python/util.py line 169). Maybe
>>>we should change this behaviour :
>>>
>>>1) Always stream to disk unless told otherwise
>>
>>I would agree this should be done.  Regardless of whether HTTP should or
>>should not be used for huge file uploads, it does leave you open to DoS.
>>
>>Nick
>>
>

More information about the Mod_python mailing list