Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
Description
There are currently some system properties that limit datum allocation size:
- org.apache.avro.limits.byte.maxLength
- org.apache.avro.limits.string.maxLength
These are hidden in two different classes (Utf8 and BinaryDecoder). It would make sense to centralize them in one place to make it clearer how to limit the damage untrusted data could do while deserializing.
Attachments
Issue Links
- links to