537a0d4d81
Motivation: e Snappy frame decoder function doesn't restrict the size of the compressed data (and the uncompressed data) which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. Modifications: - Add various validations for the max allowed size of a chunk - Skip bytes on the fly when an skippable chunk is handled Result: No more risk of OOME. Thanks to Ori Hollander of JFrog Security for reporting the issue. |
||
---|---|---|
.. | ||
src | ||
pom.xml |