Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-2146

BinaryInputArchive readString should check length before allocating memory

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.4.7, 3.5.1, 3.6.0
    • None
    • None

    Description

      I recently observed a problem caused by malformed packets. ZK server crashed because of OutOfMemoryError.

      The reason is BinaryInputArchive didn't check the length before allocating memory in readString():

        public String readString(String tag) throws IOException {
          	int len = in.readInt();
          	if (len == -1) return null;
          	byte b[] = new byte[len];
              ...
      

      I suggest to add the same check as in readBuffer.

      Attachments

        1. ZOOKEEPER-2146.patch
          4 kB
          Hongchao Deng
        2. ZOOKEEPER-2146.patch
          4 kB
          Hongchao Deng
        3. ZOOKEEPER-2146.patch
          2 kB
          Hongchao Deng
        4. ZOOKEEPER-2146.patch
          2 kB
          Hongchao Deng
        5. ZOOKEEPER-2146.patch
          2 kB
          Hongchao Deng

        Activity

          People

            hdeng Hongchao Deng
            hdeng Hongchao Deng
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: