Even More DiscoMD5 Nonsense


  • SockDev

    The level of 'special' being exposed by this thread is... special...



  • @anotherusername said:

    I wonder if I can mention @LB_?

    @Tsaukpaetra said:

    Huh. I bet it doesn't actually work, right?

    @RaceProUK said:

    (post withdrawn by author, will be automatically deleted in 42 hours unless flagged)



  • <!--

    aliceif

    @

    518ed29525738ceb

    dac49c49e60ea9d3283cfab0224afcc5

    5ddeb7094ebd1004

    -->

    6565f316d264966f19dc17ffcd7981a780a5c1c9538cacf57e9d772e8daa776ce11d3f63017f5e6aff626b2fa3649683


  • Impossible Mission Players - A

    Rejoice! Your first mention EVER!



  • Let's bring in <!--`kt_`--> @ac14135d35f6e49600097fa739a4da2b for his first too :<!---->)



  • So then what happens if you manufacture an MD5 of <script>alert("discourse sucks")</script>?



  • We've already tried using it to replace HTML... it gets converted to plain text.

    <script>alert("discourse sucks")</script>

    ba81dbcf9bafb5fe7411bc8eb82691b6

    Doesn't seem to be any way to exploit it, other than making gigantically massive posts (scroll up a ways and you'll see one).



  • <!-- `&lt;script&gt;alert('discourse sucks')&lt;/script&gt;` -->

    630c74247e38de51ba155c193720e75d

    Disclaimer: on mobile.



  • Come to think of it, have any (reasonably short) cycles in MD5 been found?

    I wonder if that would crash the server...



  • Someone explain why this hasn't been abused to trick two bots into mentioning eachother?


  • SockDev

    @Matches said:

    Someone explain why this hasn't been abused to trick two bots into mentioning eachother?

    because all the ones that are left are based off of SockBot and therefore explicitly ignore: Bots, TL0 users and (by default) @PaulaBean and @blakeyrat?



  • Let's see if I can think of ways to abuse this.

    I suppose you can do this:

    • Figure out the MD5 of something someone else will post
    • Figure out something else that MD5 collisions that
    • Post your triple ticked text first
    • Now their MD5 will resolve to your text and you'll permanently block them from using it

    Hmm-- how does this combine with the recent "streamed in like" attack. If I MD5 alert("discourze sux") and the post the MD5 and someone likes it while I'm watching my stream... ?


  • Dupa

    @LB_ said:

    Let's bring in @kt_ for his first too 🙂

    Changing my long name!

    (Actually, I think I'm going to be the first one to actually have their long name in the long name field. Long MD5 name, sure... but whatever.)



  • Wait... if *that* works...

    Then it should be possible to break @anotherusername's estimate of the max post size by quite a bit. Use one long <!-- `...` --> and then concatenate it twice (or whatever), get the new hash, concat that twice again, etc etc.

    12 iterations, starting with a single letter, results in (as expected) 4096 characters. (I stopped there to not be too obnoxious, but I guess doing some 32 or so iterations to get 4GB posts should be completely possible. Also, for obvious reasons, I strongly recommend not doing that.)

    <!-- `a` --> <!-- `0cc175b9c0f1b6a831c399e2697726610cc175b9c0f1b6a831c399e269772661` --> <!-- ` f3a0377ce26903122eb91b2851f97c96f3a0377ce26903122eb91b2851f97c96` --> <!-- `bcc17c71a6ae16c5d0427ade0e0f1aeebcc17c71a6ae16c5d0427ade0e0f1aee` --> <!-- `adea13f2893bc38f6e4d68314a330254adea13f2893bc38f6e4d68314a330254` --> <!-- `57ea69589902b05553f55f2060c730ed57ea69589902b05553f55f2060c730ed` --> <!-- `ff241f01aca8db70854610594b5e7ba1ff241f01aca8db70854610594b5e7ba1` --> <!-- `9850af1153dad895d00086de5b65e0a59850af1153dad895d00086de5b65e0a5` --> <!-- `1d4bce2d089a4b8102c929ae3fc9081f1d4bce2d089a4b8102c929ae3fc9081f` --> <!-- `5d59c14926ad867cc9390ad9622f4e815d59c14926ad867cc9390ad9622f4e81` --> <!-- `79dc7f1611b14365e6547253f861f7c779dc7f1611b14365e6547253f861f7c7` --> <!-- `1b20b014cd5eb4e4128df98ee880da9b1b20b014cd5eb4e4128df98ee880da9b` --> <!-- `8c10aae71382ec9a3d928af0d4a40fda8c10aae71382ec9a3d928af0d4a40fda` -->

    909ce9e9b6e566597f538aac0e346904


  • area_deu

    @cvi said:

    12 iterations, starting with a single letter, results in (as expected) 4096 characters. (I stopped there to not be too obnoxious, but I guess doing some 32 or so iterations to get 4GB posts should be completely possible. Also, for obvious reasons, I strongly recommend not doing that.)

    Quick, repost to meta.d!



  • To the JeffMobile!



  • @anotherusername said:

    Come to think of it, have any (reasonably short) cycles in MD5 been found?

    That's the first thing I went looking for but all I found were binary strings and mentions that you can't realistically find collisions using only printable characters.



  • @gleemonk said:

    That's the first thing I went looking for but all I found were binary strings and mentions that you can't realistically find collisions using only printable characters.

    You can find a cycle using only printable characters, though. How long that cycle's going to be, though...

    And wouldn't you be able to just start with one of the MD5 sums in the cycle? That's all-printable...



  • They don't repeatedly apply the hashes do they?!

    F . T . W
    61e9c06ea9a85a5088a499df6458d276b9ece18c950afbfa6b0fdbfa4ff731d3800618943025315f869e4e1f09471012

    I don't understand how the undefined 'parser' knows to replace 245b7a47ff9d94522052355ef73f4074 with the right character sequence. I don't write that letter-combination anywhere in my post. I wrote
    61e9 c06e a9a8 5a50 88a4 99df 6458 d276 b9ec e18c 950a fbfa 6b0f dbfa 4ff7 31d3 8006 1894 3025 315f 869e 4e1f 0947 1012 minus the spaces. So maybe what it does is replace the MD5 and then process the result again? Do they just replace until there are no replacements made anymore?



  • @gleemonk said:

    collisions using only printable characters

    Lemme try...

    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2
    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2
    

    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2

    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2

    I must be doing it wrong.


  • SockDev

    @gleemonk said:

    Do they just replace until there are no replacements made anymore?

    I guess they in fact do


  • SockDev

    @RaceProUK said:

    I guess they in fact do

    so..... if we have a corpus that we MD5, then we MD5 a couple of those hashes, and repeat that until we're about at the character limit, then use just one instance of that last MD5hash.....

    we can probably cause discourse to shit its pants so bad that the forum never comes back on line.....

    i forget, is that a bad thing or a good thing?



  • Let me rebuild my Discourse install and you're welcome to try it on there. 😆



  • @gleemonk said:

    They don't repeatedly apply the hashes do they?!

    yes, indeed they do 😐

    // If we hoisted out anything, put it back
    var keys = Object.keys(hoisted);
    if (keys.length) {
      var found = true;
    
      var unhoist = function(key) {
        result = result.replace(new RegExp(key, "g"), function() {
          found = true;
          return hoisted[key];
        });
      };
    

    followed by undefined

      while(found) {
        found = false;
        keys.forEach(unhoist);
      }
    

  • area_deu

    Can you do an MD5 for < and one for > and build a <script> tag that way? Or does the RubyRealEscapeHtmlSpecicalCharacters run last?

    <!--`<`--> <!--`>`-->

    524a50782178998021a88b8cd4c8dcd8scriptcedf8da05466bb54708268b3c694a78falert('holy shit!')524a50782178998021a88b8cd4c8dcd8/scriptcedf8da05466bb54708268b3c694a78f

    Damn.



  • Does it work in YouTube titles? Hmm...



  • How about just the script part?

    <!--`script`-->

    <3205c0ded576131ea255ad2bd38b0fb2>alert('how about just the script part?')</3205c0ded576131ea255ad2bd38b0fb2>

    <!--`onmouseover="alert('or just a mouseover?')"` -->

    or a mouseover?

    Dangit.


  • In that case my back-of-the-envelope calculations show that a 7.1 * 10^144 character post should be possible with the 32000 character length limit.

    ... how much storage did the discoserver have again?



  • @Lorne_Kates said:

    Let's see if I can think of ways to abuse this.

    I suppose you can do this:

    • Figure out the MD5 of something someone else will post
    • Figure out something else that MD5 collisions that
    • Post your triple ticked text first
    • Now their MD5 will resolve to your text and you'll permanently block them from using it

    It's per-post. An MD5 hash won't replace to anything if the backtick-quoted text that it matches isn't in the same post as the MD5 hash.



  • @NedFodder said:

    Lemme try...

    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2
    4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2

    Those are in hex and you need the binary string which looks like this when pasted:

    M�h��\ �r�w{r��o���V�J=�x>{�����(K�n�KU�_Bu��Igm��U]�`�_��

    MD5 of the original is 008ee33a9d58b51cfeb425b0959121c9 but disco doesn't see it.



  • Okay ladies and gents, have at it: https://discourse.element.ws/

    A undefined to the first person that can make me reboot the server.



  • @japonicus said:

    followed by undefined

    while(found) {
    found = false;
    keys.forEach(unhoist);
    }

    😃 that is insane 😃



  • @gleemonk said:

    Those are in hex

    Oops, I didn't notice that fact when I went looking for them here. Thanks.



  • I've gotten some 502 Bad Gateways, but nothing deserving of this quite yet... 😆



  • I'm disappointed that I can't make Discourse re-learn its abc's a billion times.



  • @cvi said:

    Wait... if that works...

    Then it should be possible to break @anotherusername's estimate of the max post size by quite a bit. Use one long <!-- ... --> and then concatenate it twice (or whatever), get the new hash, concat that twice again, etc etc.

    12 iterations, starting with a single letter, results in (as expected) 4096 characters. (I stopped there to not be too obnoxious, but I guess doing some 32 or so iterations to get 4GB posts should be completely possible. Also, for obvious reasons, I strongly recommend not doing that.)

    1. Yes, it should be possible. I had no idea that recursive replacement would work when I made that estimate; nothing else in the hashed text seemed to do anything.
    2. I wasn't able to actually reach my estimate; nowhere near it, actually. I suspect there's a hard limit on the cooked post in the database; anything much larger than what I actually posted resulted in server errors and didn't post.

    @Maciejasjmj said:

    You can find a cycle using only printable characters, though. How long that cycle's going to be, though...

    And wouldn't you be able to just start with one of the MD5 sums in the cycle? That's all-printable...

    Right! However, it would have to be a cycle with a length of 914 MD5 hashes or fewer, because you'll run into the 32,000 character post size limit. That's assuming each MD5 hash needs to be surrounded in single backticks with a space between every pair of MD5 hashes:

    `hash1` `hash2` `hash3` etc.
    

    @gleemonk said:

    They don't repeatedly apply the hashes do they?!

    @gleemonk said:

    So maybe what it does is replace the MD5 and then process the result again? Do they just replace until there are no replacements made anymore?

    Pretty :WTF:-y, right? But yes... it seems that's exactly what it must do. Hence my question of a reasonably short cycle (short enough to put every hash string in 1 post), which would probably put the parser in an infinite loop. 👿

    @accalia said:

    so..... if we have a corpus that we MD5, then we MD5 a couple of those hashes, and repeat that until we're about at the character limit, then use just one instance of that last MD5hash.....

    I think you'd just get a 502 error. My long post was originally supposed to be 32k characters exactly, but I got 502 errors until I shortened it way down.

    Now that I think about it, it's probably just crashing the process by running it out of memory. But that apparently doesn't bring the whole server down (surprisingly).



  • I've gotten Discourse to try and parse a long post. It runs, barfs, and then says 500 Internal Server Error.

    Surprise.



  • I think this is the longest I've been able to succeed with:

    https://discourse.element.ws/t/hh/25

    I'm trying not to give WTDWTF too many cooties:

    The source for that is:

    <!-- `lollollol` -->
    <!-- `7e573aedbe6d321228de54fcacee7ebd7e573aedbe6d321228de54fcacee7ebd7e573aedbe6d321228de54fcacee7ebd` -->
    <!-- `4c405f9076284090b1f7de13781a55d04c405f9076284090b1f7de13781a55d04c405f9076284090b1f7de13781a55d0` --> 
    <!-- `9ca087df8a66d4f418ef702dede2aca19ca087df8a66d4f418ef702dede2aca19ca087df8a66d4f418ef702dede2aca1` --> 
    <!-- `a89ae3fb15d218b4ef01cf713cbc768da89ae3fb15d218b4ef01cf713cbc768da89ae3fb15d218b4ef01cf713cbc768d` --> 
    <!-- `65bff87ee7a435fc4a61934fea0bf5c965bff87ee7a435fc4a61934fea0bf5c965bff87ee7a435fc4a61934fea0bf5c9` -->
    <!-- `7228869440eed58b71b83e3f9c8bc2ad7228869440eed58b71b83e3f9c8bc2ad7228869440eed58b71b83e3f9c8bc2ad` -->
    <!-- `b9a0f9596544b91b655a6c0b1b603c13b9a0f9596544b91b655a6c0b1b603c13b9a0f9596544b91b655a6c0b1b603c13` -->
    <!-- `1ad599e6aac7d2d4e98de19809ffcc8b1ad599e6aac7d2d4e98de19809ffcc8b1ad599e6aac7d2d4e98de19809ffcc8b` -->
    <!-- `6baf0f6cca8fea79aebf6912839cf6e26baf0f6cca8fea79aebf6912839cf6e26baf0f6cca8fea79aebf6912839cf6e2` -->
    <!-- `8aa87c222801c9dbfbd5c4e2da27532a8aa87c222801c9dbfbd5c4e2da27532a8aa87c222801c9dbfbd5c4e2da27532a` -->
    <!-- `5cb888fde87689c55fcde9bbd308b9635cb888fde87689c55fcde9bbd308b9635cb888fde87689c55fcde9bbd308b963` -->
    
    c4f8999b4559846d060d2214b594dad0
    


  • My long post in this topic was ~75% larger, so if your next step up is 2x that then it's probably too long.



  • $ repeat=6 seed="WHY WOULD YOU DO THAT?! "; for n in `seq $repeat`; do hash=$(echo -n "$seed" | md5sum | cut -d ' ' -f 1); echo "MD5 of \`$seed\` is $hash"; seed="$hash$hash"; done
    MD5 of WHY WOULD YOU DO THAT?! is 85d554f23a64478ab5d29e6aea6b4374
    MD5 of 85d554f23a64478ab5d29e6aea6b437485d554f23a64478ab5d29e6aea6b4374 is dcc22ae22fdb97e97d20e3b291f838d0
    MD5 of dcc22ae22fdb97e97d20e3b291f838d0dcc22ae22fdb97e97d20e3b291f838d0 is d858988586183ae94bbfc6c450334d3c
    MD5 of d858988586183ae94bbfc6c450334d3cd858988586183ae94bbfc6c450334d3c is 2f1a66a57bdfbc6af0d53d94332f4c06
    MD5 of 2f1a66a57bdfbc6af0d53d94332f4c062f1a66a57bdfbc6af0d53d94332f4c06 is f521f659e4a7d79a11e1c5ca2ae63fc8
    MD5 of f521f659e4a7d79a11e1c5ca2ae63fc8f521f659e4a7d79a11e1c5ca2ae63fc8 is 0efdb900a3de898fa9fcaa2bb988977d

    I'm gonna stop there.



  • RegexpError (failed to allocate memory: /\A[^%]*(?:%\h\h[^%]*)*\z/) /usr/local/lib/ruby/2.0.0/uri/common.rb:898:in `decode_www_form_component'
    


  • @loopback0 said:

    To the JeffMobile!

    Mobile? That's 29e4b66fa8076de4d7a26c727b8dbdfa

    @aliceif said:

    Quick, repost to meta.d!

    Except instead of aaaaaaaa, be sure to multi-cat DoingItWrong

    . <!-- ```different``` -->



  • @cvi said:

    ... how much storage did the discoserver have again?

    This is one of the few things DiscoPuss does server-side rather than farting out to the client. So the question is how much RAM does Discourse server have?



  • <!-- `Belgium` --> 6c1674d14bf5f95742f572cddb0641a7


  • area_deu

    @Lorne_Kates said:

    So the question is how much RAM does Discourse server have?

    Not enough.

    RegexpError (failed to allocate memory: /\A[^%]*(?:%\h\h[^%]*)*\z/)
    /usr/local/lib/ruby/2.0.0/uri/common.rb:898:in `decode_www_form_component'
    
    Backtrace:
    /usr/local/lib/ruby/2.0.0/uri/common.rb:898:in `decode_www_form_component'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:51:in `unescape'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:120:in `block (2 levels) in parse_nested_query'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:120:in `map'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:120:in `block in parse_nested_query'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:119:in `each'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/utils.rb:119:in `parse_nested_query'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/request.rb:371:in `parse_query'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/http/request.rb:339:in `parse_query'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/request.rb:215:in `POST'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/http/request.rb:308:in `POST'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/http/parameters.rb:14:in `parameters'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/http/filter_parameters.rb:37:in `filtered_parameters'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_controller/metal/instrumentation.rb:22:in `process_action'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.5.1/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/abstract_controller/base.rb:137:in `process'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionview-4.2.5.1/lib/action_view/rendering.rb:30:in `process'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-mini-profiler-0.9.8/lib/mini_profiler/profiling_methods.rb:106:in `block in profile_method'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_controller/metal.rb:196:in `dispatch'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_controller/metal.rb:237:in `block in action'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/routing/route_set.rb:74:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/routing/route_set.rb:74:in `dispatch'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/routing/route_set.rb:43:in `serve'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/journey/router.rb:43:in `block in serve'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/journey/router.rb:30:in `each'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/journey/router.rb:30:in `serve'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/routing/route_set.rb:815:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/frame_options.rb:31:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:186:in `call!'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:164:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:186:in `call!'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:164:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:186:in `call!'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:164:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:186:in `call!'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:164:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:186:in `call!'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/strategy.rb:164:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/omniauth-1.3.1/lib/omniauth/builder.rb:63:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/conditionalget.rb:38:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/head.rb:13:in `call'
    /var/www/discourse/lib/middleware/anonymous_cache.rb:129:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/params_parser.rb:27:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/flash.rb:260:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/session/abstract/id.rb:225:in `context'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/session/abstract/id.rb:220:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/cookies.rb:560:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.5.1/lib/active_record/query_cache.rb:36:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.5.1/lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.5.1/lib/active_support/callbacks.rb:88:in `__run_callbacks__'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.5.1/lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.5.1/lib/active_support/callbacks.rb:81:in `run_callbacks'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/callbacks.rb:27:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/logster-1.0.1/lib/logster/middleware/reporter.rb:31:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/rack/logger.rb:38:in `call_app'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/rack/logger.rb:22:in `call'
    /var/www/discourse/config/initializers/100-quiet_logger.rb:10:in `call_with_quiet_assets'
    /var/www/discourse/config/initializers/100-silence_logger.rb:26:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.5.1/lib/action_dispatch/middleware/request_id.rb:21:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/methodoverride.rb:22:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/runtime.rb:18:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/sendfile.rb:113:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-mini-profiler-0.9.8/lib/mini_profiler/profiler.rb:282:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/message_bus-2.0.0.beta.2/lib/message_bus/rack/middleware.rb:60:in `call'
    /var/www/discourse/lib/middleware/request_tracker.rb:73:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/engine.rb:518:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/application.rb:165:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/railtie.rb:194:in `public_send'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/railties-4.2.5.1/lib/rails/railtie.rb:194:in `method_missing'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/urlmap.rb:66:in `block in call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/urlmap.rb:50:in `each'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/rack-1.6.4/lib/rack/urlmap.rb:50:in `call'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/lib/unicorn/http_server.rb:562:in `process_client'
    /var/www/discourse/lib/scheduler/defer.rb:85:in `process_client'
    /var/www/discourse/lib/middleware/unicorn_oobgc.rb:95:in `process_client'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/lib/unicorn/http_server.rb:658:in `worker_loop'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/lib/unicorn/http_server.rb:508:in `spawn_missing_workers'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/lib/unicorn/http_server.rb:519:in `maintain_worker_count'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/lib/unicorn/http_server.rb:283:in `join'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/gems/unicorn-5.0.1/bin/unicorn:126:in `<top (required)>'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/bin/unicorn:23:in `load'
    /var/www/discourse/vendor/bundle/ruby/2.0.0/bin/unicorn:23:in `<main>'
    

    Edit: undefined. But look at that shitheap of a call stack!



  • @anotherusername said:

    2. I wasn't able to actually reach my estimate; nowhere near it, actually. I suspect there's a hard limit on the cooked post in the database; anything much larger than what I actually posted resulted in server errors and didn't post.

    Ah, ok. Too bad.



  • I'm resizing the server now to 4GB and we'll see what happens then.



  • Resized. Powering on, editing app.yml and then loading DiscoFuck. 😄

    EDIT: It's back, baby!


  • area_deu

    More RAM sure helped 😉
    https://discourse.element.ws/t/md-fucking-5/26/1

    Yeah, DickSauce, let's OneBox a couple megs of X characters. Great idea.


  • area_deu

    This post is deleted!

Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.