You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To protect against OOME the compression and decompression codecs should explicitly limit the amount of data they compress and decompress. We may be vulnerable to OOME from large or malicious input.
Actual behavior
In light of #5997 most of the compression/decompression codecs don't enforce limits on buffer allocation sizes.
Steps to reproduce
N/A
Minimal yet complete reproducer code (or URL to code)
N/A
Netty version
4.1.7-SNAPSHOT
JVM version (e.g. java -version)
N/A
OS version (e.g. uname -a)
N/A
The text was updated successfully, but these errors were encountered:
Expected behavior
To protect against OOME the compression and decompression codecs should explicitly limit the amount of data they compress and decompress. We may be vulnerable to OOME from large or malicious input.
Actual behavior
In light of #5997 most of the compression/decompression codecs don't enforce limits on buffer allocation sizes.
Steps to reproduce
N/A
Minimal yet complete reproducer code (or URL to code)
N/A
Netty version
4.1.7-SNAPSHOT
JVM version (e.g.
java -version
)N/A
OS version (e.g.
uname -a
)N/A
The text was updated successfully, but these errors were encountered: