Filed under “whoops”:
I wanted to look for a resource leak in one of my apps, but didn’t want to bother installing (and learning) some load test utility (which I really need to do, but not this morning). I made a quickie perl script:
NOTE: there should be semicolons after the system calls, but WordPress is returning error 503 if I do that. I’ll have to look into it later (between the “no image uploads from ecto” bug in 2.0.1 and this error in (I’m guessing) 2.0.2, I’m really loving WP right now…)
while($counter++ < 50000)
{
print $counter . “\n”;
system(”curl http://url.com > /dev/null”)
}
Unfortunately, my URL had parameters:
while($counter++ < 50000)
{
print $counter . “\n”;
system(”curl http://url.com&x=5 > /dev/null”)
}
It only took a second after I ran it to realize that I’d just spawned hundreds (growing into thousands) of requests with the ampersand being interpreted as “run in the background,” which was good for load I suppose, but not good for a lot of other things.
Proper code:
while($counter++ < 50000)
{
print $counter . “\n”;
system(”curl http://url.com\\&x=5 > /dev/null”)
}
And yes, my first run only had a single backslash, which was ignored as an invalid escape sequence. Urgh.
Now if I could just recreate the leak…
Randal L. Schwartz | 17-Mar-06 at 11:59 am | Permalink
That’s why it’s important to know about system/exec with multiple arguments. Never a chance that a shell will be invoked, so no chance that shell-significant chars will mess up your day.
Also, why the heck are you invoking curl instead of just using LWP::Simple?
Luke | 17-Mar-06 at 12:29 pm | Permalink
Heh, most of the libraries on my install seem to be messed up - it’s one of those things I’ve been meaning to fix, but haven’t gotten to yet. For a one-off job, curl’s a whole lot easier than reinstalling Perl. :)