Skip to content

Memory error in GetDataSubarrays crashes the server

Hello!

I was unsure of the severity/significance of this error, but I made the issue confidential to be on the safe side. Feel free to make it public if you deem it best so.

I am working on a project where we are using the open-etp-server to store and retrieve RESQML-objects. In particular we look at two-dimensional arrays (the RESQML-object Grid2dRepresentation). When trying to use the GetDataSubarrays-request (protocol 9, message type ID 3 in the ETP-v12 spec) we get an error response from the server if we try to access elements beyond the size of the array. However, in the case where we try to access too many elements in the last axis of the array (if the sum of starts[1] and counts[1] is greater than the size of axis 1 in the array), then the server crashes. See below for the log from the server running in Docker.

[2023-12-13 13:55:34.554] Info: [somecli] SVR <REQ Thread(1) Session(1) Msg(26)_PMsg(0) DataArray(9).GetDataSubarrays(3) Final(F) -5
[2023-12-13 13:55:34.556] Error: [somecli] SVR >ERR Thread(1) Session(1) Msg(25)_PMsg(26) partial array[1] Core(0).ProtocolException(1000)
        ETP-5 (starts[1] 0 + counts[1] 5) > dimensions[1] 4
[2023-12-13 13:55:34.556] Info: [somecli] SVR >RES Thread(1) Session(1) Msg(27)_PMsg(26) DataArray(9).GetDataSubarraysResponse(8) Final(F)
[2023-12-13 13:55:34.557] Info: [somecli] SVR <REQ Thread(1) Session(1) Msg(28)_PMsg(0) Core(0).CloseSession(5) Final(F) -5
[2023-12-13 13:55:34.557] Info: SVR Thread(1) Session(1) from [somecli] CLOSED NORMALLY 
free(): invalid next size (fast)

This requires a manual restart of the server, and affects anyone using the server.

For comparison, when trying to access too many elements in the zeroth axis we get the logs:

[2023-12-13 14:00:37.821] Info: [somecli] SVR <REQ Thread(1) Session(1) Msg(26)_PMsg(0) DataArray(9).GetDataSubarrays(3) Final(F) -5
[2023-12-13 14:00:37.822] Error: [somecli] SVR >ERR Thread(1) Session(1) Msg(25)_PMsg(26) partial array[1] Core(0).ProtocolException(1000)
        ETP-5 (starts[0] 0 + counts[0] 4) > dimensions[0] 3
[2023-12-13 14:00:37.822] Info: [somecli] SVR >RES Thread(1) Session(1) Msg(27)_PMsg(26) DataArray(9).GetDataSubarraysResponse(8) Final(F)
[2023-12-13 14:00:37.824] Info: [somecli] SVR <REQ Thread(1) Session(1) Msg(28)_PMsg(0) Core(0).CloseSession(5) Final(F) -5
[2023-12-13 14:00:37.824] Info: SVR Thread(1) Session(1) from [somecli] CLOSED NORMALLY

and the server is still running normally.

We get the error on the latest published open-etp-server image (community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/reservoir/open-etp-server/open-etp-server-main:latest).

I can add a demo-script of the error upon request (it is fairly long due to manual usage of websockets in Python).