Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-15470

Potential Overflow in DatabaseDescriptor Functions That Convert Between KB/MB & Bytes

    XMLWordPrintableJSON

    Details

      Description

      DatabaseDescriptor has several functions that convert between user supplied sizes in KB/MB and bytes. These are implemented without much consistency and, while unlikely, several have the potential to overflow since validation on the input is missing. Meanwhile, some widen the number to a long correctly. Options include: widening in all places or simply doing better validation on start up — currently only the lower bound of the valid range is checked for many of these fields.

      List of Affected DatabaseDescriptor Methods:

      • getColumnIndexSize
      • getColumnIndexCacheSize
      • getBatchSizeWarnThreshold
      • getNativeTransportFrameBlockSize
      • getRepairSessionSpaceInMegabytes
      • getNativeTransportMaxFrameSize

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mallika Mallika Kulkarni
                Reporter:
                jwest Jordan West
                Authors:
                Mallika Kulkarni
                Reviewers:
                Dinesh Joshi, Jordan West
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10m
                  10m