Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-6457

LBHttpSolrServer: AIOOBE risk if counter overflows

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.0, 4.1, 4.2, 4.2.1, 4.3, 4.3.1, 4.4, 4.5, 4.5.1, 4.6, 4.6.1, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1, 4.9
    • Fix Version/s: 4.10.4, 5.0, 6.0
    • Component/s: clients - java
    • Labels:

      Description

      org.apache.solr.client.solrj.impl.LBHttpSolrServer
      line 442
      int count = counter.incrementAndGet();
      ServerWrapper wrapper = serverList[count % serverList.length];

      when counter overflows, the mod operation of
      "count % serverList.length" will start trying to use negative numbers as array indexes.

      suggess to fixup it ,eg:
      //keep count is greater than 0
      int count = counter.incrementAndGet() & 0x7FFFFFF;

        Attachments

          Activity

            People

            • Assignee:
              noble.paul Noble Paul
              Reporter:
              longkeyy longkeyy
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: