[
https://issues.apache.org/jira/browse/OAK-2557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14359898#comment-14359898
]
Chetan Mehrotra commented on OAK-2557:
--------------------------------------
Minor nit pick there :)
Above approach creates a potential security risk as per [Guava
Files|http://docs.guava-libraries.googlecode.com/git/javadoc/com/google/common/io/Files.html#createTempDir%28%29].
Though those risks do not apply in our usecase!
{quote}
Use this method instead of File.createTempFile(String, String) when you wish to
create a directory, not a regular file. A common pitfall is to call
createTempFile, delete the file and create a directory in its place, but this
leads a race condition which can be exploited to create security
vulnerabilities, especially when executable files are to be written into the
directory.
{quote}
> VersionGC uses way too much memory if there is a large pile of garbage
> ----------------------------------------------------------------------
>
> Key: OAK-2557
> URL: https://issues.apache.org/jira/browse/OAK-2557
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core, mongomk
> Affects Versions: 1.0.11
> Reporter: Stefan Egli
> Assignee: Chetan Mehrotra
> Priority: Blocker
> Fix For: 1.1.8, 1.0.13
>
> Attachments: OAK-2557-2.patch, OAK-2557-3.patch, OAK-2557.patch
>
>
> It has been noticed that on a system where revision-gc
> (VersionGarbageCollector of mongomk) did not run for a few days (due to not
> interfering with some tests/large bulk operations) that there was such a
> large pile of garbage accumulating, that the following code
> {code}
> VersionGarbageCollector.collectDeletedDocuments
> {code}
> in the for loop, creates such a large list of NodeDocuments to delete
> (docIdsToDelete) that it uses up too much memory, causing the JVM's GC to
> constantly spin in Full-GCs.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
