[
https://issues.apache.org/jira/browse/HBASE-26767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Josh Elser resolved HBASE-26767.
--------------------------------
Hadoop Flags: Reviewed
Resolution: Fixed
Pushed! Thanks for the great work, Sergey.
> Rest server should not use a large Header Cache.
> ------------------------------------------------
>
> Key: HBASE-26767
> URL: https://issues.apache.org/jira/browse/HBASE-26767
> Project: HBase
> Issue Type: Bug
> Components: REST
> Affects Versions: 2.4.9
> Reporter: Sergey Soldatov
> Assignee: Sergey Soldatov
> Priority: Major
> Fix For: 2.5.0, 3.0.0-alpha-3, 2.4.10
>
>
> In the RESTServer we set the HeaderCache size to DEFAULT_HTTP_MAX_HEADER_SIZE
> (65536). That's not compatible with jetty-9.4.x because the cache size is
> limited by Character.MAX_VALUE - 1 (65534) there. According to the Jetty
> source code comments, it's possible to have a buffer overflow in the cache
> for higher values and that might lead to wrong/incomplete values returned by
> cache and following incorrect header handling.
> There are a couple of ways to fix it:
> 1. change the value of DEFAULT_HTTP_MAX_HEADER_SIZE to 65534
> 2. make header cache size configurable and set its size separately from the
> header size.
> I believe that the second would give us more flexibility.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
