[JAVA-1847] Response class does not sanity check values read from network leading to potential OutOfMemory exceptions Created: 29/May/15  Updated: 24/Jun/15  Resolved: 24/Jun/15

Status: Closed
Project: Java Driver
Component/s: Error Handling
Affects Version/s: 2.12.2
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Ronan Bohan Assignee: Unassigned
Resolution: Cannot Reproduce Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends

 Description   

class Response (com.mongodb.Response) reads data from the network to build up a response object for later processing. On line 70 it reads an integer into _num which is later used to create an ArrayList (line 78). This value however is not sanity checked which can lead to an OOM exception being thrown.

This affects at least versions 2.12.2 of the driver. The code for the 3.0 driver no longer contains this class but the new implementation should also contain a sanity check for this type of issue.


Generated at Thu Feb 08 08:55:39 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.