OutOfMemoryError has been occurred #158

Open
hehexiansheng123 opened this issue Oct 29, 2024 · 8 comments

Comments

@hehexiansheng123

hehexiansheng123 commented Oct 29, 2024

My product tester is connected to a self-built email server. When verifying the email account or sending emails, a large packet is returned, causing memory overflow. Does this software verify the packet length in these two scenarios? If it is not verified, it is vulnerable to attacks.

Thanks

@hehexiansheng123
Author

According to the code, it seems that the response from the email server is not verified.

```java
protected int readServerResponse() throws MessagingException {
    assert Thread.holdsLock(this);
    String serverResponse = "";
    int returnCode = 0;
    StringBuilder buf = new StringBuilder(100);

    // read the server response line(s) and add them to the buffer
    // that stores the response
    try {
        String line = null;

        // no bound on line length or on the number of continuation lines:
        // buf grows with whatever the server chooses to send
        do {
            line = lineInputStream.readLine();
            if (line == null) {
                serverResponse = buf.toString();
                if (serverResponse.length() == 0)
                    serverResponse = "[EOF]";
                lastServerResponse = serverResponse;
                lastReturnCode = -1;
                logger.log(Level.FINE, "EOF: {0}", serverResponse);
                return -1;
            }
            buf.append(line);
            buf.append("\n");
        } while (isNotLastLine(line));

        serverResponse = buf.toString();
    } catch (IOException ioex) {
        logger.log(Level.FINE, "exception reading response", ioex);
        //ioex.printStackTrace(out);
        lastServerResponse = "";
        lastReturnCode = 0;
        throw new MessagingException("Exception reading response", ioex);
        //returnCode = -1;
    }

    // print debug info
    //if (logger.isLoggable(Level.FINE))
        //logger.fine("RCVD: " + serverResponse);

    // parse out the return code
    if (serverResponse.length() >= 3) {
        try {
            returnCode = Integer.parseInt(serverResponse.substring(0, 3));
        } catch (NumberFormatException nfe) {
            try {
                close();
            } catch (MessagingException mex) {
                // thrown by close()--ignore, will close() later anyway
                logger.log(Level.FINE, "close failed", mex);
            }
            returnCode = -1;
        } catch (StringIndexOutOfBoundsException ex) {
            try {
                close();
            } catch (MessagingException mex) {
                // thrown by close()--ignore, will close() later anyway
                logger.log(Level.FINE, "close failed", mex);
            }
            returnCode = -1;
        }
    } else {
        returnCode = -1;
    }
    if (returnCode == -1)
        logger.log(Level.FINE, "bad server response: {0}", serverResponse);

    lastServerResponse = serverResponse;
    lastReturnCode = returnCode;
    return returnCode;
}
```

@jbescos
Member

jbescos commented Oct 30, 2024

@hehexiansheng123 could you attach the stacktrace of the OutOfMemoryError, please? I know that could happen in an unrelated area, but just in case it happens in the place we need to take a look...

@baoxinggit

Hello, sorry to reply now,
this is the stack information:
[image: stack information]
overflow area:
[image: heap information]

@hehexiansheng123
Author

> Hello, sorry to reply now, this is the stack information: [image: stack information] overflow area: [image: heap information]

@jbescos my colleagues have uploaded the stack information, please take a look, thanks bro

@jbescos
Member

jbescos commented Nov 4, 2024

Thank you both, @hehexiansheng123 and @baoxinggit

@jmehrens , I am thinking to provide a new property with a default value in LineInputStream to limit the bytes to be read.

Do you have any suggestions?

@hehexiansheng123
Author

> Thank you both, @hehexiansheng123 and @baoxinggit
>
> @jmehrens , I am thinking to provide a new property with a default value in LineInputStream to limit the bytes to be read.
>
> Do you have any suggestions?

It seems a good idea; I think it's best to add a read length limit to the response body in the readLine method.

@jmehrens
Contributor

jmehrens commented Nov 4, 2024

@jbescos

> @jmehrens , I am thinking to provide a new property with a default value in LineInputStream to limit the bytes to be read.
>
> Do you have any suggestions?

I need to do some more work to provide better informed feedback. That said, I wonder if there is something documented in the RFCs about max length of a server response. If so we might be able to enforce a hard limit without a new property.

Adding a new property seems fine if there is no other alternative. Choosing the right default might get tricky.

We should spend time thinking about adding enough namespace to the property to allow parent/child control of buffer sizes. E.G. all of Angus Mail, smtp, imap, pop3, and classname. Then decide if that provides value.
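As an added example that is not Angus Mail's code, the shape of the limit discussed above: a hypothetical `BoundedReplyReader` that caps each reply line and the whole multi-line reply, failing with an IOException instead of growing the buffer until the heap is exhausted. RFC 5321 section 4.5.3.1.5 limits one reply line to 512 octets including CRLF, but it does not bound the number of continuation lines, which is why a total cap is enforced as well; the class, its two limits and the sample replies are constructed for this example.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

// Hypothetical class added for this example; not Angus Mail's LineInputStream or SMTPTransport.
public class BoundedReplyReader {
    // RFC 5321 4.5.3.1.5 caps a reply line at 512 octets incl. CRLF; 4096 tolerates lax servers.
    static final int MAX_LINE_BYTES = 4096;
    static final int MAX_REPLY_BYTES = 64 * 1024; // assumed cap for one whole multi-line reply
    // Read one LF-terminated line (CR dropped); fail as soon as the per-line cap is exceeded.
    static String readLine(InputStream in, int maxBytes) throws IOException {
        StringBuilder sb = new StringBuilder();
        int c;
        while ((c = in.read()) != -1) {
            if (c == '\n') break;
            if (c == '\r') continue;
            if (sb.length() >= maxBytes) throw new IOException("reply line exceeds " + maxBytes + " bytes");
            sb.append((char) c);
        }
        return (c == -1 && sb.length() == 0) ? null : sb.toString(); // null means EOF, like readLine()
    }

    // Read a full SMTP reply: "250-..." lines continue it, "250 ..." ends it. The total size is
    // bounded too, so an endless run of continuation lines cannot grow the buffer without limit.
    static String readReply(InputStream in) throws IOException {
        StringBuilder reply = new StringBuilder();
        String line;
        do {
            line = readLine(in, MAX_LINE_BYTES);
            if (line == null) throw new IOException("EOF while reading reply");
            if (reply.length() + line.length() + 1 > MAX_REPLY_BYTES)
                throw new IOException("reply exceeds " + MAX_REPLY_BYTES + " bytes");
            reply.append(line).append('\n');
        } while (line.length() >= 4 && line.charAt(3) == '-');
        return reply.toString();
    }
    public static void main(String[] args) throws IOException {
        // Constructed sample replies standing in for what a server would send over the socket.
        byte[] ok = "250-mail.example.test\r\n250 OK\r\n".getBytes(StandardCharsets.US_ASCII);
        System.out.print(readReply(new ByteArrayInputStream(ok)));
        StringBuilder endless = new StringBuilder();
        for (int i = 0; i < 100_000; i++) endless.append("250-padding\r\n"); // never sends a final line
        try {
            readReply(new ByteArrayInputStream(endless.toString().getBytes(StandardCharsets.US_ASCII)));
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage()); // memory stays bounded, no OutOfMemoryError
        }
    }
}
```

The per-line cap covers a single oversized line without a line terminator; the reply cap covers a server that keeps sending "250-" continuation lines and never sends the terminating "250 " line.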

@jmehrens
Contributor

jmehrens commented Nov 6, 2024

This thread talks a bit on limits:
jstedfast/MailKit#834
