You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Eli Collins (JIRA)" <ji...@apache.org> on 2012/05/01 23:16:51 UTC

[jira] [Commented] (HADOOP-8275) harden serialization logic against malformed or malicious input

    [ https://issues.apache.org/jira/browse/HADOOP-8275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13266112#comment-13266112 ] 

Eli Collins commented on HADOOP-8275:
-------------------------------------

+1 looks good.  Test failures are unrelated (HADOOP-8330 and HADOOP-8110).
                
> harden serialization logic against malformed or malicious input
> ---------------------------------------------------------------
>
>                 Key: HADOOP-8275
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8275
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 0.23.0
>            Reporter: Colin Patrick McCabe
>            Assignee: Colin Patrick McCabe
>            Priority: Minor
>         Attachments: HADOOP-8275.001.patch, HADOOP-8275.002.patch, HADOOP-8275.003.patch
>
>
> Harden serialization logic against malformed or malicious input.
> Add range checking to readVInt, to detect overflows, underflows, and larger-than-expected values.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira