Jordan West created CASSANDRA-15560:
---------------------------------------
Summary: Change io.compressor.LZ4Compressor to LZ4SafeDecompressor
Key: CASSANDRA-15560
URL: https://issues.apache.org/jira/browse/CASSANDRA-15560
Project: Cassandra
Issue Type: Improvement
Components: Feature/Compression
Reporter: Jordan West
Assignee: Jordan West
CASSANDRA-15556 and related tickets showed that LZ4FastDecompressor can crash
the JVM and that LZ4SafeDecompressor performs better w/o the crash risk — its
also not deprecated. While we protect ourselves by checksumming the compressed
data but that doesn’t mean we should leave deprecated code that can segfault
the jvm (providing a potential DDOS vector among other things) in crucial
places like io.compress.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
