A Java OutOfMemoryError is thrown when the program attempts to allocate more heap space than is available. Among other causes, this error may result from:

  • a memory leak
  • an infinite loop that allocates on each iteration
  • the limited default maximum heap size
  • an incorrect implementation of a common data structure (hash tables, vectors and so on)
  • unbounded deserialization
  • writing a large number of objects to an ObjectOutputStream (the stream retains a reference to every object written until reset() is called)
  • creating a large number of threads

...

According to the Java API [API 2006], BufferedReader.readLine() method documentation:

[readLine()] Reads a line of text. A line is considered to be terminated by any one of a line feed ('\n'), a carriage return ('\r'), or a carriage return followed immediately by a linefeed.

Any code that calls this method on untrusted input is susceptible to abuse: readLine() buffers the entire line in memory until it sees a terminator, and the remote user controls both the length of the line and whether a terminator ever arrives, so a single sufficiently long line can exhaust the heap. The noncompliant code example therefore does not need to read input in a loop to be vulnerable.
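The following is an added example, not code from the CERT page: it reads a line with the same terminators readLine() recognises, but refuses to buffer more than a fixed number of characters, so an unterminated or oversized line fails fast instead of growing the heap. The limit MAX_LINE_CHARS, the helper names and the constructed input are this example's own assumptions.

```java
import java.io.IOException;
import java.io.PushbackReader;
import java.io.StringReader;

/* Added example (not from the CERT page): a bounded replacement for
 * BufferedReader.readLine() for use on attacker-controlled streams.
 * MAX_LINE_CHARS is an assumed application limit, not a Java default. */
public final class BoundedLineReader {
    static final int MAX_LINE_CHARS = 4096;

    /** Thrown when a line exceeds the limit; the caller decides whether to drop the connection. */
    static final class LineTooLongException extends IOException {
        LineTooLongException(int limit) {
            super("input line exceeds " + limit + " characters");
        }
    }

    /**
     * Reads characters until '\n', '\r', "\r\n" or end of stream, the same
     * terminators readLine() uses, but never holds more than maxChars
     * characters. Returns null when the stream is already at end of input.
     * A PushbackReader is used so a lone '\r' can be told apart from "\r\n"
     * without relying on mark()/reset() support in the underlying reader.
     */
    static String readBoundedLine(PushbackReader in, int maxChars) throws IOException {
        StringBuilder sb = new StringBuilder();
        int c;
        while ((c = in.read()) != -1) {
            if (c == '\n') {
                return sb.toString();
            }
            if (c == '\r') {
                // Consume a following '\n' so that "\r\n" counts as one terminator.
                int next = in.read();
                if (next != '\n' && next != -1) {
                    in.unread(next);
                }
                return sb.toString();
            }
            if (sb.length() >= maxChars) {
                // Fail before the attacker-controlled line can grow the heap further.
                throw new LineTooLongException(maxChars);
            }
            sb.append((char) c);
        }
        return sb.length() == 0 ? null : sb.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: a short "\r\n"-terminated line, then a line longer than the limit.
        String oversized = "B".repeat(MAX_LINE_CHARS + 1);
        PushbackReader in = new PushbackReader(new StringReader("hello\r\n" + oversized + "\n"));
        System.out.println("first line: " + readBoundedLine(in, MAX_LINE_CHARS));
        try {
            readBoundedLine(in, MAX_LINE_CHARS);
        } catch (LineTooLongException e) {
            System.out.println("second line rejected: " + e.getMessage());
        }
    }
}
```

The important property is that the exception is thrown while at most maxChars characters are buffered; the check must come before the append, not after the whole line has been read. For a network service the limit should be chosen per protocol, and the connection closed on rejection so the peer cannot simply retry with the remainder of the same line.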

Compliant Solution (... Use Databases)

If the objects or data structures are large enough to potentially cause heap exhaustion, the programmer should store them in a database and query or process them in bounded pieces instead of holding the whole structure in memory.

...

java -Xms<initial heap size> -Xmx<maximum heap size>

For example:

java -Xms128m -Xmx512m ShowHeapError

Setting an explicit maximum keeps a runaway allocation from consuming all memory on the host; it does not prevent the OutOfMemoryError itself, so the program must still bound the data it holds in memory.

...

According to the Java API [API 2006], Class ObjectInputStream documentation:

ObjectOutputStream and ObjectInputStream can provide an application with persistent storage for graphs of objects when used with a FileOutputStream and FileInputStream respectively. ObjectInputStream is used to recover the objects previously serialized. Other uses include passing objects between hosts using a socket stream or for marshaling and unmarshaling arguments and parameters in a remote communication system.
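Because ObjectInputStream reconstructs whatever graph the sender encoded, a peer on a socket stream can send a serialized object large enough to exhaust the heap. The following is an added example, not the CERT page's code: it wraps the input in a counting stream that fails once more than an assumed number of bytes have been consumed, so the deserializer can never read past the bound. The limit, the class names and the constructed object graphs are this example's own assumptions.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;

/* Added example (not from the CERT page): bound the bytes an
 * ObjectInputStream may consume from an untrusted source. */
public final class BoundedDeserialization {

    /** InputStream wrapper that throws once more than maxBytes have been read or skipped. */
    static final class LimitedInputStream extends FilterInputStream {
        private final long maxBytes;
        private long consumed;

        LimitedInputStream(InputStream in, long maxBytes) {
            super(in);
            this.maxBytes = maxBytes;
        }

        private void account(long n) throws IOException {
            if (n > 0) {
                consumed += n;
                if (consumed > maxBytes) {
                    throw new IOException("serialized input exceeds " + maxBytes + " bytes");
                }
            }
        }

        @Override public int read() throws IOException {
            int b = super.read();
            if (b != -1) account(1);
            return b;
        }

        @Override public int read(byte[] buf, int off, int len) throws IOException {
            int n = super.read(buf, off, len);
            account(n);
            return n;
        }

        @Override public long skip(long n) throws IOException {
            long skipped = super.skip(n);
            account(skipped);
            return skipped;
        }
    }

    /** Deserializes data, but refuses to consume more than maxBytes of it. */
    static Object readObjectBounded(byte[] data, long maxBytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(
                new LimitedInputStream(new ByteArrayInputStream(data), maxBytes))) {
            return ois.readObject();
        }
    }

    static byte[] serialize(Serializable obj) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(obj);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: a small list, and a list carrying about 1 MiB of array data.
        ArrayList<String> small = new ArrayList<>(List.of("a", "b"));
        ArrayList<byte[]> large = new ArrayList<>();
        for (int i = 0; i < 64; i++) {
            large.add(new byte[16 * 1024]);
        }

        final long limit = 64 * 1024; // assumed per-message limit for this example
        System.out.println("small graph: " + readObjectBounded(serialize(small), limit));
        try {
            readObjectBounded(serialize(large), limit);
        } catch (IOException e) {
            System.out.println("large graph rejected: " + e.getMessage());
        }
    }
}
```

A byte bound is a coarse control: a compact stream can still expand into a much larger in-memory graph through back-references and arrays. On Java 9 and later, ObjectInputStream.setObjectInputFilter() with a filter built from a pattern such as "maxbytes=65536;maxdepth=20;maxarray=10000;maxrefs=1000" additionally limits depth, array sizes and reference counts during deserialization, and should be combined with the byte limit shown here.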

...

Assuming that infinite heap space is available can result in denial of service.

Rule     Severity  Likelihood  Remediation Cost  Priority  Level
MSC11-J  low       probable    medium            P4        L3

...