Do not checksum all bytes at once in plugin install (#44649)
Today when checksumming a plugin zip during plugin install, we read all of the bytes of the zip into memory at once. When trying to run the plugin installer on a small heap (say, 64 MiB), this can lead to the plugin installer running out of memory when checksumming large plugins. This commit addresses this by reading the plugin bytes in 8 KiB chunks, thus using a constant amount of memory independent of the size of the plugin.
This commit is contained in:
parent
4c05d25ec7
commit
cdd06d40d2
|
@ -506,9 +506,17 @@ class InstallPluginCommand extends EnvironmentAwareCommand {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// read the bytes of the plugin zip in chunks to avoid out of memory errors
|
||||||
|
try (InputStream zis = Files.newInputStream(zip)) {
|
||||||
try {
|
try {
|
||||||
final byte[] zipBytes = Files.readAllBytes(zip);
|
final MessageDigest digest = MessageDigest.getInstance(digestAlgo);
|
||||||
final String actualChecksum = MessageDigests.toHexString(MessageDigest.getInstance(digestAlgo).digest(zipBytes));
|
final byte[] bytes = new byte[8192];
|
||||||
|
int read;
|
||||||
|
while ((read = zis.read(bytes)) != -1) {
|
||||||
|
assert read > 0 : read;
|
||||||
|
digest.update(bytes, 0, read);
|
||||||
|
}
|
||||||
|
final String actualChecksum = MessageDigests.toHexString(digest.digest());
|
||||||
if (expectedChecksum.equals(actualChecksum) == false) {
|
if (expectedChecksum.equals(actualChecksum) == false) {
|
||||||
throw new UserException(
|
throw new UserException(
|
||||||
ExitCodes.IO_ERROR,
|
ExitCodes.IO_ERROR,
|
||||||
|
@ -518,6 +526,7 @@ class InstallPluginCommand extends EnvironmentAwareCommand {
|
||||||
// this should never happen as we are using SHA-1 and SHA-512 here
|
// this should never happen as we are using SHA-1 and SHA-512 here
|
||||||
throw new AssertionError(e);
|
throw new AssertionError(e);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (officialPlugin) {
|
if (officialPlugin) {
|
||||||
verifySignature(zip, urlString);
|
verifySignature(zip, urlString);
|
||||||
|
|
Loading…
Reference in New Issue