Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-6044

TypeSerializerSerializationProxy.read() doesn't verify the read buffer length

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.2.0
    • Fix Version/s: 1.3.0
    • Labels:
      None
    • Environment:

      Ubuntu server 12.04.5 64 bit
      java version "1.8.0_111"
      Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
      Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)

      Description

      The read() method of TypeSerializerSerializationProxy creates a buffers and tries to fill it by calling the read() method of the given DataInputView, but never checks the return value. The actual size read from the stream might be smaller than the buffer size, and the rest of the buffer is filled with zeroes, causing the deserialization to fail.
      It happened to me using a RocksDB state backend backed by S3. The setup was done according to https://ci.apache.org/projects/flink/flink-docs-release-1.2/setup/aws.html#s3-simple-storage-service and everything worked correctly until I upgraded to Flink 1.2.0.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                srichter Stefan Richter
                Reporter:
                avihai.berkovitz@microsoft.com Avihai Berkovitz
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: