Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/tmp "crzmp*" never deleted after a POST #922

Closed
UnveilTech opened this issue Nov 20, 2023 · 10 comments · Fixed by #924
Closed

/tmp "crzmp*" never deleted after a POST #922

UnveilTech opened this issue Nov 20, 2023 · 10 comments · Fixed by #924

Comments

@UnveilTech
Copy link

Hi,
file: /corazawaf/coraza/[email protected]/internal/bodyprocessors/multipart.go
line: 61

"/tmp/crzmp*" files are never deleted after a POST.

bye Fred
@jcchavezs
Copy link
Member

Totally. Do you mind coming up with a PR fixing it?

@UnveilTech
Copy link
Author

Hi,
my issue is to inform the team, then it should be nice to fix it...

jcchavezs added a commit that referenced this issue Nov 21, 2023
@jcchavezs
chore: deletes content temporary file on close.
5a56bbd 
Fixes #922.
@jcchavezs jcchavezs mentioned this issue Nov 21, 2023
Merged
@UnveilTech
Copy link
Author

thnaks :o)

@M4tteoP M4tteoP mentioned this issue Jan 3, 2024
Closed
@victoredvardsson
Copy link

@jcchavezs @jptosso What is the status of this one? Currently our servers are running out of space since these are never deleted.

@jptosso
Copy link
Member

jptosso commented May 6, 2024

Hey! This was fixed long time ago in #924

Can you upgrade and try again ?

@victoredvardsson
Copy link

victoredvardsson commented May 6, 2024
edited
Loading

Hm ok, im using https://docs.crowdsec.net/docs/next/appsec/intro which should be using Coraza as engine for processing SecLang rules. Maybe its a bug at their end.

On another note, do you know if these files are also created by coraza "body999644643"?

@M4tteoP
Copy link
Member

M4tteoP commented May 6, 2024

This was fixed long time ago in #924

I might have missed something, but #924 is open so we probably have not yet a fix merged.

On another note, do you know if these files are also created by coraza "body999644643"?

I think you are referring to these files, created when the in-memory buffered is full:

coraza/internal/corazawaf/body_buffer.go

Line 78 in ec0497a

br.writer, err = os.CreateTemp(br.options.TmpPath, "body*")

@victoredvardsson
Copy link

Yes, that's correct. For some reason they are not deleted either. I have files from 23rd of April for example.

So what is the actual difference between crzmp* and body*?

@M4tteoP
Copy link
Member

M4tteoP commented May 6, 2024
edited
Loading

So what is the actual difference between crzmp* and body*?

crzmp* stores files that are getting uploaded as multipart/form-data, while body* stores generic POST payloads that are bigger than the in-memory limit

@victoredvardsson
Copy link

So what is the actual difference between crzmp* and body*?

crzmp* stores files that are getting uploaded as multipart/form-data, while body* stores generic POST payloads that are bigger than the in-memory limit

Thanks a lot for explaining. I guess the only option for now is to schedule some cron that actively deletes these files twice a day or so.

jcchavezs added a commit that referenced this issue May 9, 2024
@jcchavezs
chore: deletes content temporary file on close.
4d0d08e 
Fixes #922.
@victoredvardsson victoredvardsson mentioned this issue Jun 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: deletes content temporary file on close. corazawaf/coraza
5 participants
@jptosso @jcchavezs @UnveilTech @M4tteoP @victoredvardsson