[
https://issues.apache.org/jira/browse/ZOOKEEPER-3016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
sumit agrawal updated ZOOKEEPER-3016:
-------------------------------------
Description:
While accepting connection from client, and message is incorrect, this causes
NegativeArraySizeException while creating byte array of negative size.
~2018-03-02 23:51:21 [UTC:20180302T235121+0100]|INFO
||/xx.xx.xx.xx:3888hread|Coordination > Received connection request
/yy.yy.yy.yy:18320 (QuorumCnxManager.java:511)~
~2018-03-02 23:51:21
[UTC:20180302T235121+0100]|ERROR||/xx.xx.xx.xx:3888hread|Coordination > Thread
Thread[/xx.xx.xx.xx:3888,5,main] died (NIOServerCnxnFactory.java:44)~
~java.lang.NegativeArraySizeException~
~at
org.apache.zookeeper.server.quorum.QuorumCnxManager.receiveConnection(QuorumCnxManager.java:242)~
~at
org.apache.zookeeper.server.quorum.QuorumCnxManager$Listener.run(QuorumCnxManager.java:513)~
Below is code reference having the issue.
int num_remaining_bytes = din.readInt();
byte[] b = new byte[num_remaining_bytes];
This makes other node in quorum unable to connect to this node. Here client is
security scan app.
Check for invalid input must be present to avoid Node crashing and security.
was:
While accepting connection from client, and message is incorrect, this causes
NegativeArraySizeException while creating byte array of negative size.
~2018-03-02 23:51:21 [UTC:20180302T235121+0100]|INFO
||/xx.xx.xx.xx:3888hread|Coordination > Received connection request
/yy.yy.yy.yy:18320 (QuorumCnxManager.java:511)~
~2018-03-02 23:51:21
[UTC:20180302T235121+0100]|ERROR||/xx.xx.xx.xx:3888hread|Coordination > Thread
Thread[/xx.xx.xx.xx:3888,5,main] died (NIOServerCnxnFactory.java:44)~
~java.lang.NegativeArraySizeException~
~at
org.apache.zookeeper.server.quorum.QuorumCnxManager.receiveConnection(QuorumCnxManager.java:242)~
~at
org.apache.zookeeper.server.quorum.QuorumCnxManager$Listener.run(QuorumCnxManager.java:513)~
Below is code reference having the issue.
int num_remaining_bytes = din.readInt();
byte[] b = new byte[num_remaining_bytes];
This makes other node in quorum unable to connect to this node.
Check for invalid input must be present to avoid Observer crashing.
> Follower QuorumCnxManager$Listener thread died due to incorrect client packet
> -----------------------------------------------------------------------------
>
> Key: ZOOKEEPER-3016
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3016
> Project: ZooKeeper
> Issue Type: Bug
> Affects Versions: 3.4.6
> Reporter: sumit agrawal
> Priority: Major
>
> While accepting connection from client, and message is incorrect, this causes
> NegativeArraySizeException while creating byte array of negative size.
>
> ~2018-03-02 23:51:21 [UTC:20180302T235121+0100]|INFO
> ||/xx.xx.xx.xx:3888hread|Coordination > Received connection request
> /yy.yy.yy.yy:18320 (QuorumCnxManager.java:511)~
> ~2018-03-02 23:51:21
> [UTC:20180302T235121+0100]|ERROR||/xx.xx.xx.xx:3888hread|Coordination >
> Thread Thread[/xx.xx.xx.xx:3888,5,main] died (NIOServerCnxnFactory.java:44)~
> ~java.lang.NegativeArraySizeException~
> ~at
> org.apache.zookeeper.server.quorum.QuorumCnxManager.receiveConnection(QuorumCnxManager.java:242)~
> ~at
> org.apache.zookeeper.server.quorum.QuorumCnxManager$Listener.run(QuorumCnxManager.java:513)~
>
> Below is code reference having the issue.
> int num_remaining_bytes = din.readInt();
> byte[] b = new byte[num_remaining_bytes];
>
> This makes other node in quorum unable to connect to this node. Here client
> is security scan app.
>
> Check for invalid input must be present to avoid Node crashing and security.
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
