[AVRO-1111] Malformed data can cause OutOfMemoryError in Avro IPC - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.6.3
Fix Version/s: 1.7.2
Component/s: java
Labels:
None

Hadoop Flags:

Reviewed

Description

If the data that comes in through the Netty channel buffer is not framed correctly/is not valid Avro data, then the incoming data can cause arbitrarily large array lists to be created, causing OutOfMemoryError.

The relevant code(org.apache.avro.ipc.NettyTransportCodec):

private boolean decodePackHeader(ChannelHandlerContext ctx, Channel channel,
ChannelBuffer buffer) throws Exception {
if (buffer.readableBytes()<8)

{ return false; }

int serial = buffer.readInt();
listSize = buffer.readInt();
dataPack = new NettyDataPack(serial, new ArrayList<ByteBuffer>(listSize));
return true;
}

If the buffer does not have valid Avro data, the listSize variable can have arbitrary values, causing massive ArrayLists to be created, leading to OutOfMemoryErrors.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AVRO-1111-1.patch
09/Sep/12 19:19
3 kB
Mike Percy
AVRO-1111-2.patch
11/Sep/12 07:16
3 kB
Mike Percy

Issue Links

blocks

FLUME-1259 Flume throws OutOfMemory error when sending data from netcat to avro source (negative test case)

Resolved

is related to

AVRO-1226 Non-Avro data causes runtime exceptions/errors when sent to Avro NettyTransceiver

Open

Activity

People

Assignee:: Mike Percy

Reporter:: Hari Shreedharan

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 08/Jun/12 22:37

Updated:: 08/Jan/13 17:54

Resolved:: 11/Sep/12 11:50