Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 9B16E200C46 for ; Tue, 14 Mar 2017 14:50:50 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 99D15160B7E; Tue, 14 Mar 2017 13:50:50 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id E45C7160B89 for ; Tue, 14 Mar 2017 14:50:49 +0100 (CET) Received: (qmail 89891 invoked by uid 500); 14 Mar 2017 13:50:49 -0000 Mailing-List: contact issues-help@flink.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@flink.apache.org Delivered-To: mailing list issues@flink.apache.org Received: (qmail 89705 invoked by uid 99); 14 Mar 2017 13:50:48 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Mar 2017 13:50:48 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id A5E0E18217A for ; Tue, 14 Mar 2017 13:50:47 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.452 X-Spam-Level: * X-Spam-Status: No, score=1.452 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001, SPF_NEUTRAL=0.652, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id gVzyPt_AoK_z for ; Tue, 14 Mar 2017 13:50:43 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id C33365F474 for ; Tue, 14 Mar 2017 13:50:42 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id E28BEE087D for ; Tue, 14 Mar 2017 13:50:41 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id A0095243AA for ; Tue, 14 Mar 2017 13:50:41 +0000 (UTC) Date: Tue, 14 Mar 2017 13:50:41 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: issues@flink.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (FLINK-6044) TypeSerializerSerializationProxy.read() doesn't verify the read buffer length MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 14 Mar 2017 13:50:50 -0000 [ https://issues.apache.org/jira/browse/FLINK-6044?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15924223#comment-15924223 ] ASF GitHub Bot commented on FLINK-6044: --------------------------------------- Github user StefanRRichter commented on the issue: https://github.com/apache/flink/pull/3533 CC @uce @tillrohrmann > TypeSerializerSerializationProxy.read() doesn't verify the read buffer length > ----------------------------------------------------------------------------- > > Key: FLINK-6044 > URL: https://issues.apache.org/jira/browse/FLINK-6044 > Project: Flink > Issue Type: Bug > Components: Type Serialization System > Affects Versions: 1.2.0 > Environment: Ubuntu server 12.04.5 64 bit > java version "1.8.0_111" > Java(TM) SE Runtime Environment (build 1.8.0_111-b14) > Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode) > Reporter: Avihai Berkovitz > Assignee: Stefan Richter > Priority: Critical > > The read() method of TypeSerializerSerializationProxy creates a buffers and tries to fill it by calling the read() method of the given DataInputView, but never checks the return value. The actual size read from the stream might be smaller than the buffer size, and the rest of the buffer is filled with zeroes, causing the deserialization to fail. > It happened to me using a RocksDB state backend backed by S3. The setup was done according to https://ci.apache.org/projects/flink/flink-docs-release-1.2/setup/aws.html#s3-simple-storage-service and everything worked correctly until I upgraded to Flink 1.2.0. -- This message was sent by Atlassian JIRA (v6.3.15#6346)