[
https://issues.apache.org/jira/browse/OAK-3911?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Davide Giannella closed OAK-3911.
---------------------------------
> Integer overflow causing incorrect file handling in OakDirectory for file
> size more than 2 GB
> ---------------------------------------------------------------------------------------------
>
> Key: OAK-3911
> URL: https://issues.apache.org/jira/browse/OAK-3911
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: lucene
> Reporter: Chetan Mehrotra
> Assignee: Chetan Mehrotra
> Fix For: 1.2.11, 1.3.15, 1.0.27
>
> Attachments: OAK-3911-v1.patch
>
>
> In couple of cases we have seen strange error related to invalid seek. In
> such cases it was seen that file sizes are greater than 2GB. A close
> inspection of OakDirectory [1] shows that following calls in loadBlob and
> flushBlob are prone to integer overflow (Thanks [~tmueller])
> * {{int n = (int) Math.min(blobSize, length - index * blobSize);}}
> * {{int n = (int) Math.min(blobSize, length - i * blobSize);}}
> Above both {{blobSize}} and {{index}} and {{i}} are {{int}}. And
> multiplication of 2 int would be int that can cause overflow.
> {noformat}Caused by: java.io.IOException: Invalid seek request
> at
> org.apache.jackrabbit.oak.plugins.index.lucene.OakDirectory$OakIndexFile.seek(OakDirectory.java:288)
> at
> org.apache.jackrabbit.oak.plugins.index.lucene.OakDirectory$OakIndexInput.seek(OakDirectory.java:418)
> at
> org.apache.lucene.codecs.BlockTreeTermsReader.seekDir(BlockTreeTermsReader.java:223)
> at
> org.apache.lucene.codecs.BlockTreeTermsReader.<init>(BlockTreeTermsReader.java:142)
> {noformat}
> [1]
> https://github.com/apache/jackrabbit-oak/blob/trunk/oak-lucene/src/main/java/org/apache/jackrabbit/oak/plugins/index/lucene/OakDirectory.java#L361
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
