zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "sumit agrawal (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (ZOOKEEPER-3016) Follower QuorumCnxManager$Listener thread died due to incorrect client packet
Date Mon, 09 Apr 2018 10:13:00 GMT

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-3016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

sumit agrawal resolved ZOOKEEPER-3016.
--------------------------------------
    Resolution: Fixed

> Follower QuorumCnxManager$Listener thread died due to incorrect client packet
> -----------------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-3016
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3016
>             Project: ZooKeeper
>          Issue Type: Bug
>    Affects Versions: 3.4.6
>            Reporter: sumit agrawal
>            Priority: Major
>
> While accepting connection from client, and message is incorrect, this causes NegativeArraySizeException
while creating byte array of negative size.
>  
> ~2018-03-02 23:51:21 [UTC:20180302T235121+0100]|INFO ||/xx.xx.xx.xx:3888hread|Coordination
> Received connection request /yy.yy.yy.yy:18320 (QuorumCnxManager.java:511)~
> ~2018-03-02 23:51:21 [UTC:20180302T235121+0100]|ERROR||/xx.xx.xx.xx:3888hread|Coordination
> Thread Thread[/xx.xx.xx.xx:3888,5,main] died (NIOServerCnxnFactory.java:44)~
>  ~java.lang.NegativeArraySizeException~
>  ~at org.apache.zookeeper.server.quorum.QuorumCnxManager.receiveConnection(QuorumCnxManager.java:242)~
>  ~at org.apache.zookeeper.server.quorum.QuorumCnxManager$Listener.run(QuorumCnxManager.java:513)~
>  
> Below is code reference having the issue.
> int num_remaining_bytes = din.readInt();
>  byte[] b = new byte[num_remaining_bytes];
>  
> This makes other node in quorum unable to connect to this node. Here client is security
scan app.
>  
> Check for invalid input must be present to avoid Node crashing and security.
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message