[
https://issues.apache.org/jira/browse/DIRMINA-454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12532823
]
Owen Jacobson commented on DIRMINA-454:
---------------------------------------
It seems to me that there's no reason to buffer up more than (maximum encoding
size) * (line length) bytes + overflow from one receive call, anyways. For
practical purposes the maximum encoding size is 4 bytes, I believe.
Alternately, the line length cap should either be replaced or augmented by a
byte length cap (defaulting to the above, maybe) to give users a little more
control over whether or not to die of OutOfMemoryErrors.
> Trivial denial of service in TextLineDecoder
> --------------------------------------------
>
> Key: DIRMINA-454
> URL: https://issues.apache.org/jira/browse/DIRMINA-454
> Project: MINA
> Issue Type: Bug
> Components: Filter
> Affects Versions: 1.1.2
> Reporter: Owen Jacobson
>
> In both of TextLineDecoder's decoding methods, the decoder only checks the
> size of input after it's found at least one line ending character.
> Infinitely long streams of, say, 'y's will cause the decoder to try to buffer
> up data until the JVM falls over.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
