[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294101#comment-17294101 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294102#comment-17294102 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294164#comment-17294164 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294159#comment-17294159 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294157#comment-17294157 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294162#comment-17294162 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294156#comment-17294156 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294158#comment-17294158 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294160#comment-17294160 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294163#comment-17294163 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294161#comment-17294161 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/System.CodeDom-5.0.0 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294109#comment-17294109 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294107#comment-17294107 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294103#comment-17294103 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294104#comment-17294104 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294106#comment-17294106 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294105#comment-17294105 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294108#comment-17294108 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/dependabot/nuget/lang/csharp/Newtonsoft.Json-12.0.3 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289992#comment-17289992 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290004#comment-17290004 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290005#comment-17290005 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290002#comment-17290002 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290007#comment-17290007 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1729#comment-1729 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290008#comment-17290008 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290001#comment-17290001 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290003#comment-17290003 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290006#comment-17290006 ] ASF subversion and git services commented on AVRO-3049: --- Commit 4f9f97002e4d3e78766536563baceb36d02aeb0d in avro's branch refs/heads/branch-1.10 from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=4f9f970 ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > Fix For: 1.11.0, 1.10.2 > > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289993#comment-17289993 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289989#comment-17289989 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289990#comment-17289990 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289995#comment-17289995 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289994#comment-17289994 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289991#comment-17289991 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289988#comment-17289988 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17289987#comment-17289987 ] ASF subversion and git services commented on AVRO-3049: --- Commit 552ee9e3c1679fec9ecb959c7c12ed7bd91827b0 in avro's branch refs/heads/master from John Karp [ https://gitbox.apache.org/repos/asf?p=avro.git;h=552ee9e ] AVRO-3049: Add checks to BinaryDecoder for bytes length (#1098) * AVRO-3049: Handle negative length for bytes * AVRO-3049: Don't try to allocate beyond VM limits for bytes * AVRO-3049: Use clearer unit test names * AVRO-3049: Use Assert.assertThrows for cleaner UTs * AVRO-3049: Add org.apache.avro.limits.bytes.maxLength property * AVRO-3049: mvn spotless:apply * AVRO-3049: Call super() from BinaryDecoder ctor * AVRO-3049: Add JavaDoc re BinaryDecoder limits > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (AVRO-3049) Java: BinaryDecoder lacks checks on bytes array length
[ https://issues.apache.org/jira/browse/AVRO-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17288450#comment-17288450 ] John Karp commented on AVRO-3049: - PR: https://github.com/apache/avro/pull/1098 > Java: BinaryDecoder lacks checks on bytes array length > -- > > Key: AVRO-3049 > URL: https://issues.apache.org/jira/browse/AVRO-3049 > Project: Apache Avro > Issue Type: Bug > Components: java >Reporter: John Karp >Assignee: John Karp >Priority: Major > > There are several checks on string length in BinaryDecoder. However, it lacks > the same checks for byte arrays. > * Negative lengths lead to IllegalArgumentException instead of > org.apache.avro.AvroRuntimeException > * Pathologically large (however legal) arrays can be allocated. Some > applications will be suffer denial of service if they are forced to allocate > 1 GB arrays repeatedly. -- This message was sent by Atlassian Jira (v8.3.4#803005)
