[jira] Commented: (THRIFT-602) Out of memory error on bogus input

[Kjetil Valstadsve (JIRA)]

    [ 
https://issues.apache.org/jira/browse/THRIFT-602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12763529#action_12763529
 ] 

Kjetil Valstadsve commented on THRIFT-602:
------------------------------------------

Consider my patch a marginal improvement that doesn't kill the server outright, 
and even preserves some indication of the cause. (In this case, a really, 
really huge buffer.) It bascially fails as before, but at least it doesn't just 
die.

Sanity checks are obviously the way to go in the long run, but I didn't want to 
get into that. Assumptions about heap size and memory tend to get outdated 
faster then your code. Good to see you're on it.

> Out of memory error on bogus input
> ----------------------------------
>
>                 Key: THRIFT-602
>                 URL: https://issues.apache.org/jira/browse/THRIFT-602
>             Project: Thrift
>          Issue Type: Bug
>          Components: Library (Java)
>    Affects Versions: 0.2
>         Environment: The internet :-)
>            Reporter: Kjetil Valstadsve
>         Attachments: 
> Catch_out_of_memory_error,_notify_the_number_of_bytes_requested,_and_rethrow_as_TException_.patch
>
>
> When testing the thrift port of a Cassandra server, I did a telnet and typed 
> in an "sdfsdf" and linebreak, just to see it hang up. 
> Hang up it did! In fact, this happened on the server:
> ERROR [pool-1-thread-1] 2009-10-08 13:20:56,782 CassandraDaemon.java (line 
> 71) Fatal exception in thread Thread[pool-1-thread-1,5,main]
> java.lang.OutOfMemoryError: Java heap space
>         at 
> org.apache.thrift.protocol.TBinaryProtocol.readStringBody(TBinaryProtocol.java:296)
>         at 
> org.apache.thrift.protocol.TBinaryProtocol.readMessageBegin(TBinaryProtocol.java:203)
>         at 
> org.apache.cassandra.service.Cassandra$Processor.process(Cassandra.java:615)
>         at 
> org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:253)
>         at 
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
>         at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
>         at java.lang.Thread.run(Thread.java:619)
> I assume this is what happens: Data is misread as an input length, an 
> unreasonably-sized array is attempted, and the VM dies. I have a patch that 
> rethrows it as a TException, with some info on the number of bytes requested. 
> I will attach it once I find out how.
> Not sure about the thrift version, it happens in Cassandra 0.4.0, the thrift 
> jar being libthrift-r808609.jar.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.