Hongchao Deng created ZOOKEEPER-2146:
----------------------------------------
Summary: BinaryInputArchive readString should check length before
allocating memory
Key: ZOOKEEPER-2146
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2146
Project: ZooKeeper
Issue Type: Bug
Reporter: Hongchao Deng
Assignee: Hongchao Deng
Attachments: ZOOKEEPER-2146.patch
I recently observed a problem caused by malformed packets. ZK server crashed
because of OutOfMemoryError.
The reason is BinaryInputArchive didn't check the length before allocating
memory in readString():
{code}
public String readString(String tag) throws IOException {
int len = in.readInt();
if (len == -1) return null;
byte b[] = new byte[len];
...
{code}
I suggest to add the same check as in readBuffer.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
