From 7b4572ae34c2c933d3a17c9a41f43b30fe864d81 Mon Sep 17 00:00:00 2001 From: Colin Kuskie Date: Tue, 20 Oct 2009 17:20:37 -0700 Subject: [PATCH] Make spectre wait a little bit between submitting CRON jobs to be run. Fixes bug #11093 --- docs/changelog/7.x.x.txt | 1 + lib/Spectre/Cron.pm | 16 ++++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt index e41a509e2..6e21058e2 100644 --- a/docs/changelog/7.x.x.txt +++ b/docs/changelog/7.x.x.txt @@ -34,6 +34,7 @@ - fixed #11158: Calendar iCal feed doesn't show today's all-day events - added #10614: Force rich editor to use strong and em instead of b and i - fixed #11131: https / http URLs still caching across secure/insecure boundary + - fixed #11093: Spectre cron can DoS server with many sites 7.8.1 - mark $session->datetime->time as deprecated and remove its use from core code diff --git a/lib/Spectre/Cron.pm b/lib/Spectre/Cron.pm index 6bdf3fe8f..d13f2b876 100644 --- a/lib/Spectre/Cron.pm +++ b/lib/Spectre/Cron.pm @@ -162,8 +162,9 @@ sub checkSchedule { && $self->checkSegment($now->day, $job->{dayOfMonth}, [1..31]) && $self->checkSegment($now->month, $job->{monthOfYear}, [1..12]) && $self->checkSegment($now->dow % 7, $job->{dayOfWeek}, [0..6]) ) { - $self->debug("It's time to run ".$jobId.". Creating workflow instance."); - $kernel->yield("runJob",$jobId); + $self->debug("It's time to run ".$jobId.". Creating workflow instance in ".$self->{_jobDelay}." seconds."); + $kernel->delay_set("runJob", $self->{_jobDelay}, $jobId); + $self->{_jobDelay} += $self->config->get('timeBetweenRunningWorkflows'); } } @@ -180,8 +181,9 @@ sub checkSchedules { $self->debug("Checking schedules against current time."); my $now = DateTime->now(time_zone => 'local'); foreach my $id (keys %{$self->{_jobs}}) { - $kernel->yield("checkSchedule", $id, $now) + $kernel->delay_set("checkSchedule", $self->{_jobDelay}, $id, $now) } + $self->{_jobDelay} = $self->config->get('timeBetweenRunningWorkflows'); $kernel->delay_set("checkSchedules",60); } @@ -380,7 +382,13 @@ sub new { my $config = shift; my $logger = shift; my $debug = shift; - my $self = {_jobs=>{}, _debug=>$debug, _config=>$config, _logger=>$logger}; + my $self = { + _jobs => {}, + _debug => $debug, + _config => $config, + _logger => $logger, + _jobDelay => $config->get('timeBetweenRunningWorkflows'), + }; bless $self, $class; my @publicEvents = qw(runJob runJobResponse addJob deleteJob getJsonStatus); POE::Session->create(