[jcifs] OOM Issue in eventlog patch
Vianney
vianney+smb at gmail.com
Mon Mar 28 02:10:10 MDT 2011
Hello,
I'm not sure exactly how this works, but i have a makeshift patch for a patch?
The problem I had was that due to some corrupted/unexpected response from a
remote windows event viewer host, eventlog.decode_out() would get stuck in an
infinite loop of memory allocation, until the JVM runs out of memory.
The culprit can be seen here:
public void decode_out(NdrBuffer _src) throws NdrException {
...
while (bytesTotal < sent_size) {
if (entries == null) {
entries = new ArrayList();
}
EventlogRecord entry = new EventlogRecord();
entry.decode(_src);
entries.add(entry);
bytesTotal += entry.size;
}
}
which i avoid by replacing with the following:
public void decode_out(NdrBuffer _src) throws NdrException {
...
int size=-1;
while (size != 0 && bytesTotal < sent_size) {
if (entries == null) {
entries = new ArrayList();
}
EventlogRecord entry = new EventlogRecord();
entry.decode(_src);
entries.add(entry);
size = entry.size;
bytesTotal += size;
}
}
Not the most elegant of solutions but it works as an alert mechanism. I'd have
thrown an exception instead but it looks like it would only get ignored one
level up.
More information about the jCIFS
mailing list