[jira] [Commented] (KAFKA-3169) Kafka broker throws OutOfMemory error with invalid SASL packet

2016-01-30 Thread ASF GitHub Bot (JIRA)

[ https://issues.apache.org/jira/browse/KAFKA-3169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15124854#comment-15124854 ]

ASF GitHub Bot commented on KAFKA-3169:
---

Github user asfgit closed the pull request at:

https://github.com/apache/kafka/pull/831


> Kafka broker throws OutOfMemory error with invalid SASL packet
> --
>
> Key: KAFKA-3169
> URL: https://issues.apache.org/jira/browse/KAFKA-3169
> Project: Kafka
> Issue Type: Bug
> Components: security
> Affects Versions: 0.9.0.0
> Reporter: Rajini Sivaram
> Assignee: Rajini Sivaram
> Priority: Critical
> Fix For: 0.9.0.1
>
>
> Receive buffer used in Kafka servers to process SASL packets is unbounded. 
> This can result in brokers crashing with OutOfMemory error when an invalid 
> SASL packet is received. 
> There is a standard SASL property in Java _javax.security.sasl.maxbuffer_ 
> that can be used to specify buffer size. When properties are added to the 
> Sasl implementation in KAFKA-3149, we can use the standard property to limit 
> receive buffer size. 
> But since this is a potential DoS issue, we should set a reasonable limit in 
> 0.9.0.1. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
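
The unbounded receive buffer described in the issue above, shown with the bound in place. This is an added example, not code from the Kafka project or from pull request 831: the class name, the method, the 64 KiB cap and the 4-byte length-prefixed framing are assumptions made for the illustration, and both inputs are constructed samples.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;

// Added illustration, not Kafka code: class, method and constant names are hypothetical.
public class BoundedSaslFrameReader {
    // Assumed cap for this example; the issue only asks for "a reasonable limit".
    static final int MAX_FRAME_BYTES = 64 * 1024;

    /** Reads one frame: a 4-byte big-endian length followed by that many payload bytes. */
    static byte[] readFrame(InputStream in, int maxBytes) throws IOException {
        DataInputStream data = new DataInputStream(in);
        int declared = data.readInt();
        // Validate the peer-supplied length BEFORE allocating. Without this check,
        // "new byte[declared]" lets a peer that has not yet authenticated choose
        // how much heap the server reserves.
        if (declared < 0 || declared > maxBytes) {
            throw new IOException("Invalid frame size " + declared + " (limit " + maxBytes + ")");
        }
        byte[] payload = new byte[declared];
        data.readFully(payload); // throws EOFException if fewer bytes arrive than declared
        return payload;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample 1: a well-formed frame carrying a small token.
        byte[] token = "sample-token".getBytes(StandardCharsets.UTF_8);
        byte[] good = ByteBuffer.allocate(4 + token.length).putInt(token.length).put(token).array();
        int n = readFrame(new ByteArrayInputStream(good), MAX_FRAME_BYTES).length;
        System.out.println("accepted " + n + " bytes");

        // Constructed sample 2: non-SASL bytes arriving on the port. The first four
        // bytes ("GET ") decode as a length of 1195725856, roughly 1.1 GiB.
        byte[] bad = "GET / HTTP/1.1\r\n".getBytes(StandardCharsets.US_ASCII);
        try {
            readFrame(new ByteArrayInputStream(bad), MAX_FRAME_BYTES);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The second sample is rejected on the length check alone, so no buffer of the declared size is ever allocated.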


[jira] [Commented] (KAFKA-3169) Kafka broker throws OutOfMemory error with invalid SASL packet

2016-01-29 Thread ASF GitHub Bot (JIRA)

[ https://issues.apache.org/jira/browse/KAFKA-3169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15123458#comment-15123458 ]

ASF GitHub Bot commented on KAFKA-3169:
---

GitHub user rajinisivaram opened a pull request:

https://github.com/apache/kafka/pull/831

KAFKA-3169: Limit receive buffer size for SASL packets in broker

Limit receive buffer size to avoid OOM in broker with invalid SASL packets

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/rajinisivaram/kafka KAFKA-3169

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/kafka/pull/831.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #831


commit add436b8d3ad03f1189547bb4bfac824295d7e63
Author: Rajini Sivaram 
Date:   2016-01-29T13:02:08Z

KAFKA-3169: Limit receive buffer size for SASL packets to avoid broker OOM 
with invalid packets



