[jira] [Commented] (AVRO-2179) Malformed data, the BinaryDecoder allocates large arrays

Thu, 08 Nov 2018 10:38:51 -0800 


    [ 
https://issues.apache.org/jira/browse/AVRO-2179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16680119#comment-16680119
 ] 

ASF GitHub Bot commented on AVRO-2179:
--------------------------------------

dkulp closed pull request #311: AVRO-2179: Malformed data, the BinaryDecoder 
allocates large arrays
URL: https://github.com/apache/avro/pull/311
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/lang/java/avro/src/main/java/org/apache/avro/io/BinaryDecoder.java 
b/lang/java/avro/src/main/java/org/apache/avro/io/BinaryDecoder.java
index 3711d2bd2..622d2db4e 100644
--- a/lang/java/avro/src/main/java/org/apache/avro/io/BinaryDecoder.java
+++ b/lang/java/avro/src/main/java/org/apache/avro/io/BinaryDecoder.java
@@ -257,6 +257,9 @@ public double readDouble() throws IOException {
   @Override
   public Utf8 readString(Utf8 old) throws IOException {
     int length = readInt();
+    if (limit > 0 && length > limit) {
+      throw new AvroRuntimeException("Malformed data. Length is too long: " + 
length + ", limit: " + limit);
+    }
     Utf8 result = (old != null ? old : new Utf8());
     result.setByteLength(length);
     if (0 != length) {


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Malformed data, the BinaryDecoder allocates large arrays
> --------------------------------------------------------
>
>                 Key: AVRO-2179
>                 URL: https://issues.apache.org/jira/browse/AVRO-2179
>             Project: Apache Avro
>          Issue Type: Bug
>          Components: java
>    Affects Versions: 1.8.2
>            Reporter: Jonny
>            Priority: Critical
>         Attachments: image2018-5-10_11-7-40.png, image2018-5-11_21-27-56.png
>
>
> Recentlly I use avro find it has this problem:The memory suddenly explode and 
> trigger the fullgc, So I dump the memory file. And then I use jvisualvm tool 
> to analysis I found a org.apache.avro.util.Utf8 object and the bytes array 
> length was over 1610470037.
> The method of readInt() shouldn't over limit, So I think it should be 
> restricted.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to