[ 
https://issues.apache.org/jira/browse/AVRO-1610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Clement Pellerin updated AVRO-1610:
-----------------------------------
    Comment: was deleted

(was: Reporter (clement_pelle...@ibi.com) does not have permission to create 
attachments in project AVRO. Following attachments found in the email have been 
discarded:
 - avro1610.patch)

> HttpTransceiver.java allocates arbitrary amount of memory
> ---------------------------------------------------------
>
>                 Key: AVRO-1610
>                 URL: https://issues.apache.org/jira/browse/AVRO-1610
>             Project: Avro
>          Issue Type: Bug
>          Components: java
>    Affects Versions: 1.7.7
>            Reporter: Philip Zeyliger
>
> In {{HttpTransceiver.java}}, Avro does:
> {code}
>       int length = (in.read()<<24)+(in.read()<<16)+(in.read()<<8)+in.read();
>       if (length == 0) {                       // end of buffers
>         return buffers;
>       }
>       ByteBuffer buffer = ByteBuffer.allocate(length);
> {code}
> This means that badly formatted input (like that produced by {{curl 
> http://host/ --data foo}} and many common security scanners) will trigger an 
> OutOfMemory exception.  This is undesirable, especially combined with setups 
> that kill the process on out of memory exceptions.
> This bug is similar in spirit to AVRO-1111.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
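A bounded reader for the same length-prefixed framing, added here as an illustration and not Avro's own fix or the contents of the discarded patch; the class name, the 1 MiB cap and the sample inputs are assumptions. It shows the two defects the report implies: an EOF from `in.read()` (-1) being folded into the length, and the length being trusted before allocation.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.util.ArrayList;
public class BoundedFrameReader {
    // Assumed cap on one frame; a real transceiver would take this from
    // configuration or bound it by the HTTP Content-Length.
    static final int MAX_FRAME_BYTES = 1 << 20;
    // Reads one big-endian int; EOF is an error, not a byte value of -1.
    static int readInt(InputStream in) throws IOException {
        int result = 0;
        for (int i = 0; i < 4; i++) {
            int b = in.read();
            if (b < 0) throw new EOFException("truncated frame length");
            result = (result << 8) | b;
        }
        return result;
    }
    static ArrayList<ByteBuffer> readBuffers(InputStream in) throws IOException {
        ArrayList<ByteBuffer> buffers = new ArrayList<>();
        while (true) {
            int length = readInt(in);
            if (length == 0) return buffers;               // end of buffers
            if (length < 0 || length > MAX_FRAME_BYTES)    // check before allocating
                throw new IOException("frame length out of range: " + length);
            byte[] data = new byte[length];
            int off = 0;
            while (off < length) {                         // read() may return short
                int n = in.read(data, off, length - off);
                if (n < 0) throw new EOFException("truncated frame body");
                off += n;
            }
            buffers.add(ByteBuffer.wrap(data));
        }
    }
    public static void main(String[] args) throws IOException {
        // Constructed input: one 3-byte frame followed by the zero end marker.
        byte[] good = {0, 0, 0, 3, 'a', 'b', 'c', 0, 0, 0, 0};
        System.out.println(readBuffers(new ByteArrayInputStream(good)).size());
        // Constructed input in the spirit of the report's `--data foo`: "foo "
        // decodes as length 0x666f6f20 (about 1.7 GB), so it is refused up front.
        byte[] bad = {'f', 'o', 'o', ' ', 'b', 'a', 'r'};
        try {
            readBuffers(new ByteArrayInputStream(bad));
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```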