Posted to dev@mina.apache.org by "Trustin Lee (JIRA)" <ji...@apache.org> on 2007/10/16 10:18:50 UTC

[jira] Resolved: (DIRMINA-454) Trivial denial of service in TextLineDecoder

     [ https://issues.apache.org/jira/browse/DIRMINA-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Trustin Lee resolved DIRMINA-454.
---------------------------------

    Resolution: Fixed

Thank you very much for the patch and the inspiration.  The bug has been fixed.  I made sure OOM is not thrown anymore and the decoder continues to decode even after a too-long text line.  Please confirm if the bug has been fixed and close this issue.

One difference from no-dos.patch is that OOM is not thrown immediately.  It keeps discarding incoming data when the client sends a too-long line, and throws an OOM error when the EOL (line delimiter) is encountered.  This was necessary behavior to make the decoder continue to work even after encountering broken data.  ProtocolCodecFilter has also been improved to continue decoding after an exception is thrown.  Please refer to the svn commit log for the detailed information.  All these changes shouldn't affect existing applications.

> Trivial denial of service in TextLineDecoder
> --------------------------------------------
>
>                 Key: DIRMINA-454
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-454
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 1.0.6, 1.1.3
>            Reporter: Owen Jacobson
>            Assignee: Trustin Lee
>             Fix For: 1.1.4, 1.0.7
>
>         Attachments: no-dos.patch
>
>
> In both of TextLineDecoder's decoding methods, the decoder only checks the size of input after it's found at least one line ending character.  Infinitely long streams of, say, 'y's will cause the decoder to try to buffer up data until the JVM falls over.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
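The bug in the issue description and the fix strategy in the comment above, as an added example that is neither MINA's TextLineDecoder nor the attached no-dos.patch: a newline-delimited decoder that applies its size limit while buffering (not only once a delimiter is found), discards the rest of an over-long line without storing it, raises at the delimiter, and is immediately ready for the next line; `feed` drives it the way the comment describes ProtocolCodecFilter continuing after an exception. The names `BoundedLineDecoder`, `LineTooLongError` and `feed` and the byte-string inputs are constructed for illustration.

```python
from typing import Callable, List, Tuple


class LineTooLongError(Exception):
    """Raised at the delimiter of a line that exceeded the limit."""


class BoundedLineDecoder:
    """Constructed example (not MINA code): the limit is enforced on every
    chunk, so a peer that never sends a delimiter cannot grow the buffer."""

    def __init__(self, max_line_length: int) -> None:
        self.max_line_length = max_line_length
        self._buf = bytearray()      # partial line seen so far
        self._discarding = False     # True while skipping an over-long line

    def buffered(self) -> int:
        return len(self._buf)

    def decode(self, data: bytearray, out: Callable[[bytes], None]) -> None:
        """Consume from the front of `data`, like a buffer cursor. Completed
        lines go to `out`; an over-long line is dropped and, once its
        delimiter arrives, LineTooLongError is raised with the delimiter
        already consumed, so the caller can resume on the remaining bytes."""
        while data:
            nl = data.find(b"\n")
            piece = bytes(data if nl < 0 else data[:nl])
            del data[: len(data) if nl < 0 else nl + 1]
            if self._discarding:
                if nl < 0:
                    continue             # still no EOL: drop, buffer nothing
                self._discarding = False
                raise LineTooLongError(f"line exceeded {self.max_line_length} bytes")
            if len(self._buf) + len(piece) > self.max_line_length:
                self._buf.clear()        # over the limit: stop buffering now
                if nl < 0:
                    self._discarding = True
                    continue
                raise LineTooLongError(f"line exceeded {self.max_line_length} bytes")
            if nl < 0:
                self._buf += piece       # within limit, wait for more data
                continue
            out(bytes(self._buf) + piece)
            self._buf.clear()


def feed(decoder: BoundedLineDecoder, chunks: List[bytes]) -> Tuple[List[bytes], int]:
    """Codec-filter style driver: decode the whole buffer, count each
    LineTooLongError instead of giving up, and carry on with what is left."""
    lines: List[bytes] = []
    errors = 0
    for chunk in chunks:
        data = bytearray(chunk)
        while data:
            try:
                decoder.decode(data, lines.append)
            except LineTooLongError:
                errors += 1
    return lines, errors
```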