You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kafka.apache.org by mj...@apache.org on 2023/02/08 05:40:26 UTC
[kafka] branch 3.4 updated: KAFAK-14660: Fix divide-by-zero vulnerability (#13175)
This is an automated email from the ASF dual-hosted git repository.
mjsax pushed a commit to branch 3.4
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/3.4 by this push:
new 517ccb464b1 KAFAK-14660: Fix divide-by-zero vulnerability (#13175)
517ccb464b1 is described below
commit 517ccb464b1b7ac4657aa0b19292d0855ebfd9da
Author: Matthias J. Sax <ma...@confluent.io>
AuthorDate: Mon Jan 30 23:39:41 2023 -0800
KAFAK-14660: Fix divide-by-zero vulnerability (#13175)
This PR adds a safe-guard for divide-by-zero. While `totalCapacity` can never be zero, an explicit error message is desirable.
Reviewers: Bill Bejeck <bi...@confluent.io>, Guozhang Wang <gu...@confluent.io>
---
.../streams/processor/internals/assignment/StickyTaskAssignor.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/streams/src/main/java/org/apache/kafka/streams/processor/internals/assignment/StickyTaskAssignor.java b/streams/src/main/java/org/apache/kafka/streams/processor/internals/assignment/StickyTaskAssignor.java
index d9f7efa2a16..18abbc14c4a 100644
--- a/streams/src/main/java/org/apache/kafka/streams/processor/internals/assignment/StickyTaskAssignor.java
+++ b/streams/src/main/java/org/apache/kafka/streams/processor/internals/assignment/StickyTaskAssignor.java
@@ -91,6 +91,10 @@ public class StickyTaskAssignor implements TaskAssignor {
private void assignActive() {
final int totalCapacity = sumCapacity(clients.values());
+ if (totalCapacity == 0) {
+ throw new IllegalStateException("`totalCapacity` should never be zero.");
+ }
+
final int tasksPerThread = allTaskIds.size() / totalCapacity;
final Set<TaskId> assigned = new HashSet<>();