[
https://issues.apache.org/jira/browse/CASSANDRA-3017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14133403#comment-14133403
]
Jonathan Ellis commented on CASSANDRA-3017:
-------------------------------------------
bq. in all this time I've never heard of it actually being a problem
OTOH it's one of those things that just looks amateurish if someone decides to
check and see what happens...
The good news is that since we wrote our own protocol for CQL, it should be
straightforward to make sure we're measuring the same thing there as for
MessagingService.
> add a Message size limit
> ------------------------
>
> Key: CASSANDRA-3017
> URL: https://issues.apache.org/jira/browse/CASSANDRA-3017
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: Jonathan Ellis
> Priority: Minor
> Labels: lhf
> Attachments:
> 0001-use-the-thrift-max-message-size-for-inter-node-messa.patch,
> trunk-3017.txt
>
>
> We protect the server from allocating huge buffers for malformed message with
> the Thrift frame size (CASSANDRA-475). But we don't have similar protection
> for the inter-node Message objects.
> Adding this would be good to deal with malicious adversaries as well as a
> malfunctioning cluster participant.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
