You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Rajini Sivaram (JIRA)" <ji...@apache.org> on 2015/09/11 12:41:45 UTC

[jira] [Updated] (KAFKA-2534) SSLTransportLayer does not handle buffer overflow correctly

     [ https://issues.apache.org/jira/browse/KAFKA-2534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rajini Sivaram updated KAFKA-2534:
----------------------------------
    Reviewer: Sriharsha Chintalapani
      Status: Patch Available  (was: Open)

> SSLTransportLayer does not handle buffer overflow correctly
> -----------------------------------------------------------
>
>                 Key: KAFKA-2534
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2534
>             Project: Kafka
>          Issue Type: Bug
>          Components: network
>    Affects Versions: 0.8.3
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>             Fix For: 0.8.3
>
>
> There are a couple of issues with the handling of buffer overflow in {{SSLTransportLayer}}.
> # {{netWriteBuffer}} is flipped immediately after {{wrap()}}, leaving the data ready for writing onto the socket channel. If {{netWriteBuffer}} is expanded because {{wrap()}} returns BUFFER_OVERFLOW, the expanded buffer needs to be un-flipped before expansion and flipped afterwards to leave the resulting buffer in the same state. The current implementation does not do this and hence the expanded buffer is not as expected.
> # If {{handshakeUnwrap()}} returns a BUFFER_OVERFLOW because application buffer needs to be expanded, the current implementation expands the buffer and returns from the {{handshake()}} call. Since handshake data was already read from the network, this can result in the handshake never completing if no more data is received on the channel. {{handshakeUnwrap()}} should be invoked after application buffer expansion to process data that has already arrived.
> I will submit a PR with fixes for these along with unit tests which demonstrate these issues. I am not sure it is easy to trigger buffer overflow/underflow in a system test. Since these code paths are currently untested, unit tests which mock these scenarios may be useful.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)