Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

multer (1.4.1) hangs on malformed POST data

See original GitHub issue

Multer hangs on malformed POST data. To reproduce the problem just run this script against any multer enabled URL.

$ multer-hang.sh <any-multer-post-url>

The script uses a minimal real world payload produced by this IE bug.

Issue Analytics

State:
Created 5 years ago
Comments:5 (5 by maintainers)

Top GitHub Comments

2reactions

LinusUcommented, Nov 23, 2019

I agree with @gireeshpunathil assessment!

Basically we cannot really do anything else then waiting for the timeout if the client says “I’m going to send you 2000 bytes”, then only sends 100 bytes…

happy to reopen if more information surfaces!

1reaction

gireeshpunathilcommented, Sep 12, 2019

we (@HarshithaKP and I) did some further debugging on this and found the following:

the server intercepts the request, and passes it onto to multer
multer sets up the middleware function and delegate the control to busboy
busboy reads the header, and establishes the necessary event handlers accordingly
busboy pipes the request to itself. the intent is to continue reading the input (when it arrives), parse, and invoke associated handlers.

As the request is malformed (less data than it claimed), none of these preparations are used anytime - basically nothing happens.

server goes on to listen for other requests
client hangs, as it does not get response from server

the scenario will continue until one of the entity times out.

I see no issues here, other than the resources being held up at server for a duration that is longer than desired; but that is where the timeout tuning becomes important.

In short, my assessment is that things are working as designed; however, would love to hear from @wesleytodd or others. thanks!

Top Results From Across the Web

Uncaught exception on malformed multipart error on prod env ...

My aim is to crash the server on local once so that I can add exception handlers to avoid crashes on prod env....

This version has been deprecated - multer - npm

Author message: Multer 1.x is affected by CVE-2022-24434. This is fixed in v1.4.4-lts.1 which drops support for versions of Node.js before 6 ...

body-parser | Yarn - Package Manager

Parse incoming request bodies in a middleware before your handlers, available under the req.body property. Note As req.body 's shape is based on...

nettoyage repos · 05c936003a - mytinydc-openvpn - Gitea: Git for ...

1.4.1 / 2014-06-19. ================== ... [multer](https://www.npmjs.org/package/multer#readme) ... This typically occurs when the request is malformed,.

Untitled

Berthierite mineral data, Christ the king high school uniform, Montmartre paris safe ... Son yun ju instagram, Energyxt 1.4.1 download, Indian city states, ......