[
https://issues.apache.org/jira/browse/FLUME-2404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14052716#comment-14052716
]
ASF subversion and git services commented on FLUME-2404:
--------------------------------------------------------
Commit f15f20785262ac3cb3e35c2a12e669b7a836d35f in flume's branch
refs/heads/trunk from [~mpercy]
[ https://git-wip-us.apache.org/repos/asf?p=flume.git;h=f15f207 ]
FLUME-2404. Make ScribeSource read buffer and max frame size configurable
Scribe default Thrift service maxReadBufferBytes and frame size varies
across Thrift versions. In some cases, these values are set to INT_MAX,
in other cases this is set to 16MB. To avoid OOM in certain cases and
incompatibilities in other cases, set the default to 16MB and also make
the parameters configurable.
(chenshangan and Marimuthu Ponnambalam via Mike Percy)
> Default maxReadBufferBytes might cause OOM and cause scribe source exit
> -----------------------------------------------------------------------
>
> Key: FLUME-2404
> URL: https://issues.apache.org/jira/browse/FLUME-2404
> Project: Flume
> Issue Type: Bug
> Components: Sinks+Sources
> Affects Versions: v1.5.0
> Reporter: chenshangan
> Assignee: chenshangan
> Fix For: v1.6.0
>
> Attachments: FLUME-2404-2.patch, FLUME-2404.patch
>
>
> We're using scribe source, some hacker like infosec guys send some malicious
> frames to flume with the frame size field set to a very big integer, then the
> thrift server inside scribe source will exit due to OOM. Then scribe source
> will keep wait_close state and can not accept any connection.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
