You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Hongchao Deng (JIRA)" <ji...@apache.org> on 2015/03/21 00:08:38 UTC

[jira] [Created] (ZOOKEEPER-2146) BinaryInputArchive readString should check length before allocating memory

Hongchao Deng created ZOOKEEPER-2146:
----------------------------------------

             Summary: BinaryInputArchive readString should check length before allocating memory
                 Key: ZOOKEEPER-2146
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2146
             Project: ZooKeeper
          Issue Type: Bug
            Reporter: Hongchao Deng
            Assignee: Hongchao Deng
         Attachments: ZOOKEEPER-2146.patch

I recently observed a problem caused by malformed packets. ZK server crashed because of OutOfMemoryError.

The reason is BinaryInputArchive didn't check the length before allocating memory in readString():
{code}
  public String readString(String tag) throws IOException {
    	int len = in.readInt();
    	if (len == -1) return null;
    	byte b[] = new byte[len];
        ...
{code}

I suggest to add the same check as in readBuffer.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)