[
https://issues.apache.org/jira/browse/THRIFT-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649824#action_12649824
]
David Reiss commented on THRIFT-81:
-----------------------------------
Yeah, but if someone increases the heap size, I don't want them to have to
remember to increase the server buffer size also. And OOM exceptions are much
easier to debug then "all of a sudden, my server is pinning a CPU core". I'd
much rather have it be completely out of reach and let people who know what
they are doing mess with it.
> TNonblockingServer should have the option to limit the number of clients or
> the amount of memory it will allocate to incomplete client frames
> ---------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: THRIFT-81
> URL: https://issues.apache.org/jira/browse/THRIFT-81
> Project: Thrift
> Issue Type: New Feature
> Components: Library (Java)
> Reporter: Bryan Duxbury
> Assignee: Bryan Duxbury
> Priority: Trivial
> Attachments: thrift-81-v2.patch, thrift-81.patch
>
>
> In the current TNonblockingServer implementation, it would be possible for a
> large number of clients to connect to the server and send a very large 4-byte
> frame size, causing the server to allocate lots of memory and die. The server
> should have an option to protect itself against either overwhelming numbers
> of clients or more than a specified amount of memory at a time, or both. This
> would make it much more robust in the face of an unknown pool of clients.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
