[jira] [Commented] (AVRO-2179) Malformed data, the BinaryDecoder allocates large arrays

Wed, 06 Jun 2018 13:55:09 -0700 


    [ 
https://issues.apache.org/jira/browse/AVRO-2179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16503902#comment-16503902
 ] 

ASF GitHub Bot commented on AVRO-2179:
--------------------------------------

cutting commented on a change in pull request #311: AVRO-2179: Malformed data, 
the BinaryDecoder allocates large arrays
URL: https://github.com/apache/avro/pull/311#discussion_r193555719
 
 

 ##########
 File path: lang/java/avro/src/main/java/org/apache/avro/io/BinaryDecoder.java
 ##########
 @@ -257,6 +257,9 @@ public double readDouble() throws IOException {
   @Override
   public Utf8 readString(Utf8 old) throws IOException {
     int length = readInt();
+    if (limit > 0 && length > limit) {
 
 Review comment:
   I don't think 'limit' will always work here.  That's just the end of the 
current valid input buffer, which may or may not always include the current 
string being read.  From a file it might always include the current compression 
block, which would always include the string, but there are other cases where 
it might not.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


> Malformed data, the BinaryDecoder allocates large arrays
> --------------------------------------------------------
>
>                 Key: AVRO-2179
>                 URL: https://issues.apache.org/jira/browse/AVRO-2179
>             Project: Avro
>          Issue Type: Bug
>          Components: java
>    Affects Versions: 1.8.2
>            Reporter: Jonny
>            Priority: Critical
>         Attachments: image2018-5-10_11-7-40.png, image2018-5-11_21-27-56.png
>
>
> Recentlly I use avro find it has this problem:The memory suddenly explode and 
> trigger the fullgc, So I dump the memory file. And then I use jvisualvm tool 
> to analysis I found a org.apache.avro.util.Utf8 object and the bytes array 
> length was over 1610470037.
> The method of readInt() shouldn't over limit, So I think it should be 
> restricted.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to