Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-3016

Follower QuorumCnxManager$Listener thread died due to incorrect client packet

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.4.6
    • Fix Version/s: 3.4.7
    • Component/s: None
    • Labels:
      None

      Description

      While accepting connection from client, and message is incorrect, this causes NegativeArraySizeException while creating byte array of negative size.

       

      2018-03-02 23:51:21 [UTC:20180302T235121+0100]|INFO ||/xx.xx.xx.xx:3888hread|Coordination > Received connection request /yy.yy.yy.yy:18320 (QuorumCnxManager.java:511)

      2018-03-02 23:51:21 [UTC:20180302T235121+0100]|ERROR||/xx.xx.xx.xx:3888hread|Coordination > Thread Thread[/xx.xx.xx.xx:3888,5,main] died (NIOServerCnxnFactory.java:44)
      java.lang.NegativeArraySizeException
      at org.apache.zookeeper.server.quorum.QuorumCnxManager.receiveConnection(QuorumCnxManager.java:242)
      at org.apache.zookeeper.server.quorum.QuorumCnxManager$Listener.run(QuorumCnxManager.java:513)

       

      Below is code reference having the issue.

      int num_remaining_bytes = din.readInt();
      byte[] b = new byte[num_remaining_bytes];

       

      This makes other node in quorum unable to connect to this node. Here client is security scan app.

       

      Check for invalid input must be present to avoid Node crashing and security.

       

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                sumitagrawal sumit agrawal
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: