GitHub user hachikuji opened a pull request:
https://github.com/apache/kafka/pull/3558
MINOR: Safer handling of requests prior to SASL authentication
This implements two improvements for request handling prior to SASL
authentication:
1. Only parse request types that are allowed prior to authentication.
2. Limit the maximum request size (the default is 100Mb).
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/hachikuji/kafka
minor-restrict-presasl-request-parsing
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/kafka/pull/3558.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #3558
commit 02c7e50c91aad59ccd88700977363c1bb3f9340b
Author: Jason Gustafson
Date: 2017-07-14T16:53:10Z
MINOR: Safer handling of requests prior to SASL authentication
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---