avro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hari Shreedharan (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AVRO-1111) Malformed data can cause OutOfMemoryError in Avro IPC
Date Fri, 08 Jun 2012 22:39:22 GMT
Hari Shreedharan created AVRO-1111:
--------------------------------------

             Summary: Malformed data can cause OutOfMemoryError in Avro IPC
                 Key: AVRO-1111
                 URL: https://issues.apache.org/jira/browse/AVRO-1111
             Project: Avro
          Issue Type: Bug
          Components: java
    Affects Versions: 1.6.3
            Reporter: Hari Shreedharan


If an the data the comes in through the Netty channel buffer is not framed correctly, then
the incoming data can cause arbitrarily large array lists to be created, causing OutOfMemoryError.


The relevant code(org.apache.avro.ipc.NettyTransportCodec):

private boolean decodePackHeader(ChannelHandlerContext ctx, Channel channel,
ChannelBuffer buffer) throws Exception {
if (buffer.readableBytes()<8) { return false; }

int serial = buffer.readInt();
listSize = buffer.readInt();
dataPack = new NettyDataPack(serial, new ArrayList<ByteBuffer>(listSize));
return true;
}

If the variable - buffer does not have valid Avro data, the listSize variable can have arbitrary
values, causing massive ArrayLists to be created, leading to OutOfMemoryErrors.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message