Got a packet bigger than 'max_allowed_packet' bytes

  • #1

    Hi

    I just received three mails, filled with 4MB of ... bull****, coming from vBulletin. In fact, a user managed to make vBulletin's search.php execute this query:

    Database error in vBulletin 3.0.3:
    Invalid SQL:
    SELECT postid
    FROM postindex
    WHERE wordid
    IN(1,2,3,4,5,6,7,8,9,10,11,12,[...],334145,334146,334147,334148)


    mysql error: Got a packet bigger than 'max_allowed_packet' bytes
    mysql error number: 1153
    Date: Monday 13th of December 2004 05:18:10 PM
    Script:
    http://www.skilled.ch/vb/search.php
    Referer: http://www.skilled.ch/vb/search.php?
    Username: abcxyz
    IP Address: 1.2.3.4

    In the WHERE statement, there was every single number from 1 to 334148. Well, max_allowed_packet is something like 1M or 2M, so this huge query was rejected.

    How is something like this possible? How did this user do it? Isn't this a security hole?

    sorry for my bad english I hope, you understand me anyway

  • #2
    Make this change to my.cnf:

    set-variable=max_allowed_packet=xM

    Change it to the size ('x') you want in Megabytes. Restart MySQL after making these changes.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    • #3
      Steve, I don't want to change my max_allowed_packet. I want to prevent my users from executing 4MB queries, and I still wonder how he did this.

      • #4
        You can reduce the number of search results in the Admin CP. Other than that I don't think there is anything else you can do except increase the max_packet_size.


        • #5
          I just talked to the user who produced this SQL error. He searched for '*', because he wanted to search for all posts in a single forum (dunno why, but he did that). '*' matched all entries in the word table, so this query was the logical result.

          Does this mean that I have to turn off 'Allow Search Wild Cards'? I'd like to keep this option on, but this is an invitation to flood my mailbox.

          • #6
            You could try that - or you could just reduce the number of search results as I suggested earlier.


            • #7
              Reducing the number of search results didn't change anything. I decreased it from 500 to 20 and am still getting this error. It seems like vBulletin is executing this query before it checks the limitation on search results.

              • #8
                Then try eliminating wildcards. If that doesn't work then I don't know of any way to stop this error except by increasing the max_packet_size.


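A bounded version of the word-id expansion the thread describes, as an added example in Python (not vBulletin's own code): the matched word ids are capped and the statement's byte size is checked against the packet limit before anything is sent to MySQL, which is the check post #7 found missing. Table and column names follow the query quoted in the first post; the 1M packet size, the 10,000-term cap and the five-row word table are assumptions.

```python
"""Added example, not vBulletin code: refuse an over-broad search before its
word-id list is interpolated into the postindex query. Table and column names
follow the query quoted in the thread; the limits and WORD_TABLE are assumptions.
"""

MAX_ALLOWED_PACKET = 1024 * 1024  # assumed server setting (thread guesses 1M or 2M)
MAX_TERMS = 10_000                # assumed cap on word ids one search may expand to

# Constructed stand-in for the forum's `word` table (wordid -> word). A real
# board has hundreds of thousands of rows, which is what '*' expanded to.
WORD_TABLE = {1: "mysql", 2: "packet", 3: "vbulletin", 4: "search", 5: "error"}


class SearchTooBroad(ValueError):
    """The search term matched too many dictionary words to run safely."""


def match_word_ids(term, word_table=WORD_TABLE):
    """Mimic wildcard matching: '*' alone hits every word, 'foo*' is a prefix match."""
    term = term.lower()
    if term == "*":
        return sorted(word_table)  # every wordid: the thread's giant IN list
    if term.endswith("*"):
        prefix = term[:-1]
        return sorted(i for i, w in word_table.items() if w.startswith(prefix))
    return sorted(i for i, w in word_table.items() if w == term)


def build_postindex_query(wordids, max_terms=MAX_TERMS, max_packet=MAX_ALLOWED_PACKET):
    """Return the postindex SELECT, or raise before an oversized statement is sent.

    Both checks run before MySQL sees anything: the term cap is the cheap limit
    post #7 found missing (the result limit only applied after the query ran),
    and the byte check mirrors the server's own max_allowed_packet test.
    """
    if not wordids:
        raise SearchTooBroad("no dictionary word matched the search term")
    if len(wordids) > max_terms:
        raise SearchTooBroad(f"{len(wordids)} words matched; narrow the search")
    id_list = ",".join(str(int(w)) for w in wordids)  # int() keeps the list numeric
    sql = f"SELECT postid FROM postindex WHERE wordid IN({id_list})"
    if len(sql.encode("utf-8")) > max_packet:
        # The condition MySQL itself reports as error 1153 once the packet arrives.
        raise SearchTooBroad("statement would exceed max_allowed_packet")
    return sql


def search_query(term, **limits):
    """Full path: expand the term, then build the bounded query."""
    return build_postindex_query(match_word_ids(term), **limits)
```

Feeding the first post's 334148 ids through build_postindex_query with the term cap lifted still fails on the byte check, since the resulting statement is over 2MB.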