avro-dev mailing list archives

From "Philip Zeyliger (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AVRO-1610) HttpTransceiver.java allocates arbitrary amount of memory
Date Tue, 25 Nov 2014 05:49:13 GMT
Philip Zeyliger created AVRO-1610:
-------------------------------------

             Summary: HttpTransceiver.java allocates arbitrary amount of memory
                 Key: AVRO-1610
                 URL: https://issues.apache.org/jira/browse/AVRO-1610
             Project: Avro
          Issue Type: Bug
          Components: java
    Affects Versions: 1.7.7
            Reporter: Philip Zeyliger


In {{HttpTransceiver.java}}, Avro does:
{code}
      int length = (in.read()<<24)+(in.read()<<16)+(in.read()<<8)+in.read();
      if (length == 0) {                       // end of buffers
        return buffers;
      }
      ByteBuffer buffer = ByteBuffer.allocate(length);
{code}

This means that badly formatted input (like that produced by {{curl http://host/ --data foo}}
and many common security scanners) will trigger an OutOfMemory exception.  This is undesirable,
especially combined with setups that kill the process on out of memory exceptions.

This bug is similar in spirit to AVRO-1111.
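The snippet above trusts a 4-byte length prefix read from the network and hands it straight to {{ByteBuffer.allocate}}; it also folds the {{-1}} that {{InputStream.read()}} returns at end of stream into the arithmetic, so a short request like {{--data foo}} yields a length of roughly 1.7 GB. The following is an added example (not Avro's code) of the same framing loop written so that the declared length is checked before anything is allocated and a truncated prefix is reported as an {{EOFException}}. The cap {{MAX_BUFFER_LENGTH}} and the class name are assumptions; a real limit would be derived from the message sizes the service expects.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;

/** Added example: length-prefixed buffer framing with a bound on the declared length. */
public class BoundedFrameReader {

    // Assumed cap on a single buffer; pick it from the message sizes the
    // application legitimately exchanges, not from what the client claims.
    static final int MAX_BUFFER_LENGTH = 16 * 1024 * 1024; // 16 MiB (assumption)

    /** Reads a big-endian 32-bit length, failing cleanly on a short read. */
    static int readLength(InputStream in) throws IOException {
        int length = 0;
        for (int i = 0; i < 4; i++) {
            int b = in.read();
            if (b < 0) {
                // Stream ended inside the prefix: report it instead of
                // letting -1 leak into the length arithmetic.
                throw new EOFException("stream ended inside 4-byte length prefix");
            }
            length = (length << 8) | b;
        }
        return length;
    }

    /** Reads buffers until the zero-length terminator, rejecting oversized claims. */
    static List<ByteBuffer> readBuffers(InputStream in) throws IOException {
        List<ByteBuffer> buffers = new ArrayList<>();
        while (true) {
            int length = readLength(in);
            if (length == 0) {
                return buffers; // end-of-buffers marker
            }
            if (length < 0 || length > MAX_BUFFER_LENGTH) {
                // Validate the untrusted length before any allocation happens.
                throw new IOException("declared buffer length "
                        + (length & 0xFFFFFFFFL) + " exceeds limit " + MAX_BUFFER_LENGTH);
            }
            byte[] data = new byte[length];
            int off = 0;
            while (off < length) {
                int n = in.read(data, off, length - off);
                if (n < 0) {
                    throw new EOFException("stream ended inside buffer body");
                }
                off += n;
            }
            buffers.add(ByteBuffer.wrap(data));
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: one 3-byte buffer "foo" followed by the zero-length terminator.
        byte[] wellFormed = {0, 0, 0, 3, 'f', 'o', 'o', 0, 0, 0, 0};
        List<ByteBuffer> bufs = readBuffers(new ByteArrayInputStream(wellFormed));
        System.out.println("buffers read: " + bufs.size());

        // Constructed input in the spirit of `--data foo`: three bytes, then end of stream.
        byte[] truncated = {'f', 'o', 'o'};
        try {
            readBuffers(new ByteArrayInputStream(truncated));
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // Constructed input with a plausible-looking prefix that declares ~2 GB.
        byte[] oversized = {0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
        try {
            readBuffers(new ByteArrayInputStream(oversized));
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The two checks are independent: the {{EOFException}} covers requests shorter than a prefix, and the cap covers requests whose prefix happens to parse as a huge positive number. Either failure surfaces as a normal request error rather than an {{OutOfMemoryError}}, which matters in the deployments mentioned above that kill the process on out-of-memory.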



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
