Summary
Multiple files in the repository make HTTP requests using the requests library without specifying timeout parameters. This can cause the application to hang indefinitely if the remote server becomes unresponsive, leading to resource exhaustion and poor reliability.
Severity
Medium - This affects reliability and can cause builds/jobs to hang indefinitely.
Affected Files
zorg/jenkins/build.py (line 16)premerge/ops-container/process_llvm_commits.py (line 9)zorg/jenkins/jobs/util/submit-debuginfo-statistics-to-lnt.py (lines 49, 53)zorg/jenkins/jobs/util/submit-lldb-statistics-to-lnt.py (lines 62, 66)llvmbisect/llvmlab/gcs.py (line 5)
Problem Description
When making HTTP requests without a timeout parameter, the request will wait indefinitely for a response. This can lead to:
- Resource Exhaustion: Threads/processes hang waiting for responses that never come
- Poor User Experience: Jobs appear to be running but are actually stuck
- Difficult Debugging: No clear error message when timeouts occur
- Build System Failures: CI/CD pipelines can hang indefinitely
Example of Current Code
# ❌ No timeout specified
requests.post("http://104.154.54.203/db_default/v4/nts/submitRun", data=to_send).raise_for_status()
requests.get(url)
Summary
Multiple files in the repository make HTTP requests using the
requestslibrary without specifying timeout parameters. This can cause the application to hang indefinitely if the remote server becomes unresponsive, leading to resource exhaustion and poor reliability.Severity
Medium - This affects reliability and can cause builds/jobs to hang indefinitely.
Affected Files
zorg/jenkins/build.py(line 16)premerge/ops-container/process_llvm_commits.py(line 9)zorg/jenkins/jobs/util/submit-debuginfo-statistics-to-lnt.py(lines 49, 53)zorg/jenkins/jobs/util/submit-lldb-statistics-to-lnt.py(lines 62, 66)llvmbisect/llvmlab/gcs.py(line 5)Problem Description
When making HTTP requests without a timeout parameter, the request will wait indefinitely for a response. This can lead to:
Example of Current Code