Uploaded image for project: 'Apache Avro'
  1. Apache Avro
  2. AVRO-3226

OutOfMemoryException on invalid input for BinaryDecoder.ReadString on NetStandard 2.1+

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.11.0
    • csharp
    • None

    Description

      The BinaryDecoder.ReadString() method on NetStandard2.1+ produces an OutOfMemoryException if there is invalid input caused by this code:

       

      int length = ReadInt();
Span<byte> buffer = length <= StackallocThreshold ? stackalloc byte[length] :                (bufferArray = ArrayPool<byte>.Shared.Rent(length)).AsSpan(0, length);

       

      ArrayPool<byte>.Shared.Rent(length) will cause the exception if ReadInt() returns a big number like int.MaxValue.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. AVRO-3225 StackOverflowException on invalid input for BinaryDecoder.ReadString on NetStandard 2.1+

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              PSanetra Philip Sanetra
              PSanetra Philip Sanetra
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: