-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: Meridian-2016.1.3
-
Fix Version/s: 20.1.0, Meridian-2016.1.7, Meridian-2017.1.0
-
Component/s: Polling / Monitors / Outages
-
Security Level: Default (Default Security Scheme)
-
Environment:
-
Sprint:Horizon - September 6th
User reports the following messages in dhcpd.log:
2017-05-30 14:43:08,512 WARN [DHCPReceiver] o.o.n.d.Receiver: An error occurred when reading DHCP response. Ignoring exception:
java.lang.ArrayIndexOutOfBoundsException: 312
at edu.bucknell.net.JDHCP.DHCPOptions.internalize(DHCPOptions.java:120) ~[jdhcp-1.1.1.jar:?]
at edu.bucknell.net.JDHCP.DHCPMessage.internalize(DHCPMessage.java:423) ~[jdhcp-1.1.1.jar:?]
at edu.bucknell.net.JDHCP.DHCPMessage.<init>(DHCPMessage.java:242) ~[jdhcp-1.1.1.jar:?]
at org.opennms.netmgt.dhcpd.Receiver.run(Receiver.java:134) [org.opennms.protocols.dhcp-2016.1.3.jar:?]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_92]
I tracked down a copy of the jdhcp-1.1.1 source code and found that the DHCPOptions class' internalize method does no bounds checking.
The jDHCP project looks orphaned; should we consider adopting it and implementing some defensive code here? Or can we handle the exception gracefully on our side?
