Posted to common-dev@hadoop.apache.org by "Wouter de Bie (JIRA)" <ji...@apache.org> on 2013/03/28 13:31:15 UTC

[jira] [Created] (HADOOP-9441) Denial of Service in IPC Server.java

Wouter de Bie created HADOOP-9441:
-------------------------------------

             Summary: Denial of Service in IPC Server.java
                 Key: HADOOP-9441
                 URL: https://issues.apache.org/jira/browse/HADOOP-9441
             Project: Hadoop Common
          Issue Type: Bug
          Components: ipc
    Affects Versions: 1.1.2
            Reporter: Wouter de Bie
            Priority: Minor


When experimenting with a pure Python client for HDFS, I noticed that there is a DoS in the IPC Server. The IPC packet specifies the size (32-bit int) of the protobuf payload and that size is directly used to create a buffer that is used to parse the protobuf message. This means that with malformed packets, clients are able to allocate 4G of memory on the heap (which in my case, blew the heap on my test cluster).

I haven't looked at a good way of solving this, but just wanted to raise the issue.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
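
The allocation pattern described in the report, next to a length-checked version, as an added example that is not part of the original message and is not Hadoop's Server.java. The class and method names, MAX_FRAME_LEN and its 64 MiB value are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;

// Added example, not Hadoop code. Class, method and limit names are hypothetical.
public class BoundedFrameReader {
    // Assumed cap for this sketch; a real server would make it configurable.
    static final int MAX_FRAME_LEN = 64 * 1024 * 1024;

    // Pattern described in the report: the declared size goes straight to the allocator.
    static byte[] readFrameUnchecked(DataInputStream in) throws IOException {
        int len = in.readInt();          // 32-bit value chosen by the peer
        byte[] buf = new byte[len];      // allocation sized by the peer before any payload arrives
        in.readFully(buf);
        return buf;
    }

    // Hardened form: validate the declared size before allocating anything.
    static byte[] readFrameBounded(DataInputStream in, int maxLen) throws IOException {
        int len = in.readInt();
        if (len < 0 || len > maxLen) {
            throw new IOException("declared frame length " + len + " outside [0, " + maxLen + "]");
        }
        byte[] buf = new byte[len];
        in.readFully(buf);               // EOFException if fewer bytes arrive than declared
        return buf;
    }

    public static void main(String[] args) {
        // Constructed inputs: a well-formed frame, an oversized declared length, a negative length.
        byte[][] frames = {
            ByteBuffer.allocate(9).putInt(5).put("hello".getBytes(StandardCharsets.US_ASCII)).array(),
            ByteBuffer.allocate(4).putInt(Integer.MAX_VALUE).array(),
            ByteBuffer.allocate(4).putInt(-1).array(),
        };
        for (byte[] frame : frames) {
            try {
                byte[] p = readFrameBounded(new DataInputStream(new ByteArrayInputStream(frame)), MAX_FRAME_LEN);
                System.out.println("accepted " + p.length + " bytes");
            } catch (IOException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

The bounded reader rejects the second and third frames on the 4-byte header alone, so no buffer is allocated for them.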