Rajini Sivaram created KAFKA-3169:
-------------------------------------
Summary: Kafka broker throws OutOfMemory error with invalid SASL packet
Key: KAFKA-3169
URL: https://issues.apache.org/jira/browse/KAFKA-3169
Project: Kafka
Issue Type: Bug
Components: security
Affects Versions: 0.9.0.0
Reporter: Rajini Sivaram
Assignee: Rajini Sivaram
Priority: Critical
The receive buffer used in Kafka servers to process SASL packets is unbounded. This
can result in brokers crashing with an OutOfMemory error when an invalid SASL
packet is received.
There is a standard SASL property in Java _javax.security.sasl.maxbuffer_ that
can be used to specify buffer size. When properties are added to the Sasl
implementation in KAFKA-3149, we can use the standard property to limit receive
buffer size.
But since this is a potential DoS issue, we should set a reasonable limit in
0.9.0.1.