[
https://issues.apache.org/jira/browse/CASSANDRA-3017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13480465#comment-13480465
]
Kirk True edited comment on CASSANDRA-3017 at 10/19/12 10:33 PM:
-----------------------------------------------------------------
Is this valid anymore? As of today, trunk contains this:
\\
\\
{noformat}
private InetAddress receiveMessage(DataInputStream input, int version) throws
IOException
{
if (version < MessagingService.VERSION_12)
input.readInt(); // size of entire message. in 1.0+ this is just a
placeholder
{noformat}
\\
So is this a non-issue now? I'd like to help but need some more information.
was (Author: kirktrue):
Is this valid anymore, trunk as of today contains this:
{noformat}
private InetAddress receiveMessage(DataInputStream input, int version)
throws IOException
{
if (version < MessagingService.VERSION_12)
input.readInt(); // size of entire message. in 1.0+ this is just a
placeholder
{noformat}
I'd like to help but need some more information.
> add a Message size limit
> ------------------------
>
> Key: CASSANDRA-3017
> URL: https://issues.apache.org/jira/browse/CASSANDRA-3017
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: Jonathan Ellis
> Assignee: Kirk True
> Priority: Minor
> Labels: lhf
> Attachments:
> 0001-use-the-thrift-max-message-size-for-inter-node-messa.patch
>
>
> We protect the server from allocating huge buffers for malformed message with
> the Thrift frame size (CASSANDRA-475). But we don't have similar protection
> for the inter-node Message objects.
> Adding this would be good to deal with malicious adversaries as well as a
> malfunctioning cluster participant.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
