Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 0.23.0
    • Fix Version/s: 2.0.0-alpha
    • Component/s: None
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      Harden serialization logic against malformed or malicious input.

      Add range checking to readVInt, to detect overflows, underflows, and larger-than-expected values.

      1. HADOOP-8275.003.patch
        5 kB
        Colin Patrick McCabe
      2. HADOOP-8275.002.patch
        5 kB
        Colin Patrick McCabe
      3. HADOOP-8275.001.patch
        3 kB
        Colin Patrick McCabe

        Issue Links

          Activity

            People

            • Assignee:
              Colin Patrick McCabe
              Reporter:
              Colin Patrick McCabe
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development