This project is archived and is in readonly mode.
[PATCH] ActiveSupport::Multibyte.clean is very slow
Reported by Beau Harrington | September 10th, 2009 @ 06:32 AM
The addition of a call to ActiveSupport::Multibyte#clean in ActionView::Helpers::TagHelper.escape_once in the recent security patch and 2.4.3 (9a68c72b4 and its parent) has led to a substantial increase in CPU usage on our servers.
Running each specified through a valid-character regexp is obviously expensive, but the patch can be improved somewhat by making a small tweak to ActiveSupport::Multibyte#clean and ActiveSupport::Multibyte#verify.
For 10000 runs on a 90 character string on my MacBook
Pro:
user system total real
clean-orig 9.760000 2.220000 11.980000 ( 12.030811)
clean-patched 6.230000 1.480000 7.710000 ( 7.734848)
user system total real
verify-orig 9.360000 2.240000 11.600000 ( 11.697971) verify-patched 5.970000 1.510000 7.480000 ( 7.529034)
I've attached the patch, tests pass.
Comments and changes to this ticket
-
Grant Hutchins September 10th, 2009 @ 11:50 PM
We ran into the same CPU usage spikes when we applied 2-2-CVE-2009-3009.patch to our Rails 2.2.2 gems.
Our production servers essentially became unusable and we had to roll back to the pristine 2.2.2 gems.
In internal testing, the additional CPU load is almost entirely removed by applying this patch.
-
Grant Hutchins September 11th, 2009 @ 12:04 AM
- Assigned user set to “Michael Koziarski”
-
Repository September 11th, 2009 @ 02:11 AM
- State changed from “new” to “committed”
(from [b4a0d1b21bca69635e43601e721122bb84a9197e]) Remove redundant checks for valid character regexp in ActiveSupport::Multibyte#clean and #verify.
[#3181 state:committed]
Signed-off-by: Jeremy Kemper jeremy@bitsweat.net
http://github.com/rails/rails/commit/b4a0d1b21bca69635e43601e721122... -
Repository September 11th, 2009 @ 02:11 AM
(from [095cf9135b3ae2e3f88effec9a47e4ae30a71940]) Remove redundant checks for valid character regexp in ActiveSupport::Multibyte#clean and #verify.
[#3181 state:committed]
Signed-off-by: Jeremy Kemper jeremy@bitsweat.net
http://github.com/rails/rails/commit/095cf9135b3ae2e3f88effec9a47e4... -
Repository September 11th, 2009 @ 02:11 AM
(from [a32eeebdcbf56f433e5a7410c0f235812c9fee00]) Remove redundant checks for valid character regexp in ActiveSupport::Multibyte#clean and #verify.
[#3181 state:committed]
Signed-off-by: Jeremy Kemper jeremy@bitsweat.net
http://github.com/rails/rails/commit/a32eeebdcbf56f433e5a7410c0f235... -
Repository September 11th, 2009 @ 02:11 AM
(from [81d828a14c82b882e31612431a56f830bdc1076f]) Remove redundant checks for valid character regexp in ActiveSupport::Multibyte#clean and #verify.
[#3181 state:committed]
Signed-off-by: Jeremy Kemper jeremy@bitsweat.net
http://github.com/rails/rails/commit/81d828a14c82b882e31612431a56f8... -
Repository September 11th, 2009 @ 02:11 AM
(from [38d65b03d6634b6993427213933aaa413a20c415]) Remove redundant checks for valid character regexp in ActiveSupport::Multibyte#clean and #verify.
[#3181 state:committed]
Signed-off-by: Jeremy Kemper jeremy@bitsweat.net
http://github.com/rails/rails/commit/38d65b03d6634b6993427213933aaa...
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
People watching this ticket
Beau Harrington
Grant Hutchins
Michael Koziarski
Nobuhiro IMAI
Attachments
Referenced by
-
3181
[PATCH] ActiveSupport::Multibyte.clean is very slow
[#3181 state:committed]
-
3181
[PATCH] ActiveSupport::Multibyte.clean is very slow
[#3181 state:committed]
-
3181
[PATCH] ActiveSupport::Multibyte.clean is very slow
[#3181 state:committed]
-
3181
[PATCH] ActiveSupport::Multibyte.clean is very slow
[#3181 state:committed]
-
3181
[PATCH] ActiveSupport::Multibyte.clean is very slow
[#3181 state:committed]