[ZOOKEEPER-2146] BinaryInputArchive readString should check length before allocating memory - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.4.7, 3.5.1, 3.6.0
Component/s: None
Labels:
None

Description

I recently observed a problem caused by malformed packets. ZK server crashed because of OutOfMemoryError.

The reason is BinaryInputArchive didn't check the length before allocating memory in readString():

  public String readString(String tag) throws IOException {
    	int len = in.readInt();
    	if (len == -1) return null;
    	byte b[] = new byte[len];
        ...

I suggest to add the same check as in readBuffer.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ZOOKEEPER-2146.patch
20/Mar/15 23:08
2 kB
Hongchao Deng
ZOOKEEPER-2146.patch
23/Mar/15 16:30
2 kB
Hongchao Deng
ZOOKEEPER-2146.patch
23/Mar/15 22:52
2 kB
Hongchao Deng
ZOOKEEPER-2146.patch
24/Mar/15 22:04
4 kB
Hongchao Deng
ZOOKEEPER-2146.patch
24/Mar/15 23:16
4 kB
Hongchao Deng

Activity

People

Assignee:: Hongchao Deng

Reporter:: Hongchao Deng

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 20/Mar/15 23:07

Updated:: 18/Apr/15 00:48

Resolved:: 25/Mar/15 07:40