Commit fa97ee9
Make public API specify explicit maxAllocation to prevent OOM (#15005)
Motivation:
The current `ZlibCodecFactory` provides `newZlibDecoder` methods without
an option to specify a maximum memory limit for decompression. These
methods are utilized in various parts of the project, such as the
per-message WebSocket extension. As a result, a client could send a
small, maliciously crafted compressed message that, upon decompression,
would consume all available memory. This can lead to an
`OutOfMemoryError` scenario, which can easily be reproduced as follows:
```
Exception in thread "io-compute-15" java.lang.OutOfMemoryError: Java heap space
at io.netty.util.internal.PlatformDependent.allocateUninitializedArray(PlatformDependent.java:326)
at io.netty.buffer.PoolArena$HeapArena.newByteArray(PoolArena.java:628)
at io.netty.buffer.PoolArena$HeapArena.newUnpooledChunk(PoolArena.java:652)
at io.netty.buffer.PoolArena.allocateHuge(PoolArena.java:224)
at io.netty.buffer.PoolArena.allocate(PoolArena.java:142)
at io.netty.buffer.PoolArena.reallocate(PoolArena.java:317)
at io.netty.buffer.PooledByteBuf.capacity(PooledByteBuf.java:123)
at io.netty.buffer.AbstractByteBuf.ensureWritable(AbstractByteBuf.java:333)
at io.netty.handler.codec.compression.ZlibDecoder.prepareDecompressBuffer(ZlibDecoder.java:74)
at io.netty.handler.codec.compression.JdkZlibDecoder.decode(JdkZlibDecoder.java:265)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1357)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:868)
at io.netty.channel.embedded.EmbeddedChannel.writeInbound(EmbeddedChannel.java:348)
at io.netty.handler.codec.http.websocketx.extensions.compression.DeflateDecoder.decompressContent(DeflateDecoder.java:119)
at io.netty.handler.codec.http.websocketx.extensions.compression.DeflateDecoder.decode(DeflateDecoder.java:80)
at io.netty.handler.codec.http.websocketx.extensions.compression.PerMessageDeflateDecoder.decode(PerMessageDeflateDecoder.java:87)
at io.netty.handler.codec.http.websocketx.extensions.compression.PerMessageDeflateDecoder.decode(PerMessageDeflateDecoder.java:31)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:91)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:289)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
java.lang.OutOfMemoryError: Java heap space
at io.netty.util.internal.PlatformDependent.allocateUninitializedArray(PlatformDependent.java:326)
at io.netty.buffer.PoolArena$HeapArena.newByteArray(PoolArena.java:628)
at io.netty.buffer.PoolArena$HeapArena.newUnpooledChunk(PoolArena.java:652)
```
Modification:
- Introduced new `newZlibDecoder` methods within `ZlibCodecFactory` that
include an explicit `maxAllocation` parameter to specify the maximum
allowed memory during decompression.
- The older methods have been deprecated in favor of the new ones.
- Public APIs that invoke `newZlibDecoder` now require the
`maxAllocation` parameter as well.
Result:
This change does not modify the public API behavior, but it encourages
users to adopt the updated methods, which include the explicit
`maxAllocation` argument, providing more control over memory usage
during decompression.
Fixes #6663.
1 parent c750775
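The failure mode the commit message describes, a few kilobytes of compressed input that inflates to an unbounded amount of heap, and the mitigation it introduces, an explicit output ceiling for the decoder, can be shown with the JDK's own `java.util.zip` classes, which is what Netty's `JdkZlibDecoder` in the stack trace is built on. The following is an added example, not code from Netty or from this commit; the class `BoundedInflate`, the helpers `deflateZeros` and `inflateBounded`, the exception type and the sample input are all constructed for illustration. `inflateBounded` checks the cumulative output size before storing each chunk and aborts the moment it would pass `maxAllocation`, which is the property the new `newZlibDecoder(..., maxAllocation)` overloads exist to guarantee.

```java
import java.io.ByteArrayOutputStream;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.Inflater;

/**
 * Added example (not Netty code): inflate a zlib stream while enforcing an explicit
 * output ceiling, the same idea as the maxAllocation parameter this commit exposes.
 */
public final class BoundedInflate {

    /** Raised when the decompressed output would exceed the configured ceiling. */
    public static final class DecompressionLimitExceeded extends RuntimeException {
        DecompressionLimitExceeded(long needed, int limit) {
            super("decompressed output would reach " + needed + " bytes, limit is " + limit);
        }
    }

    /**
     * Constructed sample input: a run of zero bytes deflates to a tiny stream, so a
     * few KiB on the wire expands to many MiB when inflated without a bound.
     */
    static byte[] deflateZeros(int uncompressedLength) {
        Deflater deflater = new Deflater(Deflater.BEST_COMPRESSION);
        deflater.setInput(new byte[uncompressedLength]);
        deflater.finish();
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[8192];
        while (!deflater.finished()) {
            out.write(buf, 0, deflater.deflate(buf));
        }
        deflater.end();
        return out.toByteArray();
    }

    /**
     * Inflates {@code compressed}, failing fast once the cumulative output would
     * exceed {@code maxAllocation}. The check runs before the bytes are stored,
     * so the decoder never commits to the oversized allocation.
     */
    static byte[] inflateBounded(byte[] compressed, int maxAllocation) throws DataFormatException {
        Inflater inflater = new Inflater();
        inflater.setInput(compressed);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] chunk = new byte[8192];
        try {
            while (!inflater.finished()) {
                int produced = inflater.inflate(chunk);
                if (produced == 0) {
                    // Per the Inflater contract, 0 here means more input or a preset
                    // dictionary is required; neither is acceptable for a complete message.
                    if (inflater.needsInput() || inflater.needsDictionary()) {
                        throw new DataFormatException("truncated or dictionary-dependent stream");
                    }
                    continue;
                }
                long needed = (long) out.size() + produced;
                if (needed > maxAllocation) {
                    throw new DecompressionLimitExceeded(needed, maxAllocation);
                }
                out.write(chunk, 0, produced);
            }
        } finally {
            inflater.end();   // release native zlib state on every exit path
        }
        return out.toByteArray();
    }

    public static void main(String[] args) throws DataFormatException {
        byte[] wire = deflateZeros(16 * 1024 * 1024);             // 16 MiB of zeros
        System.out.println("bytes on the wire: " + wire.length);  // only a few KiB

        byte[] ok = inflateBounded(wire, 32 * 1024 * 1024);       // generous ceiling: succeeds
        System.out.println("inflated with 32 MiB ceiling: " + ok.length + " bytes");

        try {
            inflateBounded(wire, 1024 * 1024);                     // 1 MiB ceiling: aborts early
        } catch (DecompressionLimitExceeded e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The ceiling is compared against the total produced so far plus the next chunk, not against the compressed size, because the compression ratio is exactly what the sender controls. Choose `maxAllocation` from the largest message the application legitimately expects rather than from available heap; with the per-message WebSocket extension, for instance, the bound belongs with the frame or message size limit already enforced upstream.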
36 files changed
Lines changed: 623 additions & 136 deletions
File tree
- codec-compression/src
- main/java/io/netty/handler/codec/compression
- test/java/io/netty/handler/codec/compression
- codec-http2/src
- main/java/io/netty/handler/codec/http2
- test/java/io/netty/handler/codec/http2
- codec-http/src
- main/java/io/netty/handler/codec/http
- websocketx/extensions/compression
- test/java/io/netty/handler/codec/http
- websocketx/extensions/compression
- example/src/main/java/io/netty/example
- factorial
- http2/helloworld/client
- http
- snoop
- upload
- websocketx
- benchmarkserver
- client
- server
- portunification
Lines changed: 6 additions & 0 deletions
Lines changed: 17 additions & 0 deletions
Lines changed: 61 additions & 6 deletions
Lines changed: 3 additions & 3 deletions
Lines changed: 33 additions & 3 deletions
Lines changed: 4 additions & 2 deletions