[mapguide-trac] #337: Bad GETMAPIMAGE parameter causes IIS worker process pool to die

MapGuide Open Source trac_mapguide at osgeo.org
Fri Nov 23 15:57:22 EST 2007 

#337: Bad GETMAPIMAGE parameter causes IIS worker process pool to die
-----------------------+----------------------------------------------------
 Reporter:  jbirch     |         Owner:       
     Type:  defect     |        Status:  new  
 Priority:  medium     |     Milestone:       
Component:  Map Agent  |       Version:  2.0.0
 Severity:  major      |    Resolution:       
 Keywords:             |   External_id:       
-----------------------+----------------------------------------------------
Old description:

> I was messing around swapping around parameters to see if I could get
> 8bit PNG (yes I know it's not supported in GetMapImage) and found that
> entering PNG8 into a GetMapImage call caused my IIS worker process to
> die, with an error in the System Application log, but none in the
> MapGuide logs.  Here's a sample of the request I made:
>
> {{{
> http://localhost/mapguide/mapagent/mapagent.fcgi?session=3b5ee024-0000-
> 1000-8000-
> 000c293f205f_en_0A0A6EC10AFC0AFB0AFA&mapname=Sheboygan&operation=GETMAPIMAGE&format=PNG8&version=1.0.0&ts=1195850858076&locale=en&setdisplaydpi=96&setdisplayheight=1128&setdisplaywidth=1882.5&setviewcenterx=-87.71854751863403&setviewcentery=43.75168236754095&setviewscale=7759.005619599771
> }}}
>
> This kind of call should not be allowed to fail in a way that causes what
> is essentially a DOS vector.

New description:

 I was messing around swapping around parameters to see if I could get 8bit
 PNG (yes I know it's not supported in GetMapImage) and found that entering
 PNG8 into a GetMapImage call caused my IIS worker process to die, with an
 error in the System Application log, but none in the MapGuide logs.
 Here's a sample of the request I made:

 {{{

 http://localhost/mapguide/mapagent/mapagent.fcgi?session=3b5ee024-0000-
 1000-8000-
 000c293f205f_en_0A0A6EC10AFC0AFB0AFA&mapname=Sheboygan&operation=GETMAPIMAGE&format=PNG8&version=1.0.0&ts=1195850858076&locale=en&setdisplaydpi=96&setdisplayheight=1128&setdisplaywidth=1882.5&setviewcenterx=-87.71854751863403&setviewcentery=43.75168236754095&setviewscale=7759.005619599771

 }}}

 This kind of call should not be allowed to fail in a way that causes what
 is essentially a DOS vector.

-- 
Ticket URL: <http://trac.osgeo.org/mapguide/ticket/337#comment:1>
MapGuide Open Source <http://mapguide.osgeo.org/>
MapGuide Open Source Internals

More information about the mapguide-trac mailing list