Can force a Java heap space OOME when passing a high startIndex value in the URL

2013-09-18T23:49:07
ID ATLASSIAN:CONF-30852
Type atlassian
Reporter btom
Modified 2017-02-17T04:34:40

Description

h4. Steps to reproduce

Start Confluence 5.2.3

Navigating to the following URL: http://<confluence-base-url>/dosearchsite.action?queryString=1&startIndex=268435455 (or some other high startIndex value)

The browser will spin, and logs will eventually display an out-of-memory error

{code} 2013-09-18 17:13:19,808 ERROR [http-8523-6] [[Standalone].[localhost].[/confluence].[action]] log Servlet.service() for servlet action threw exception -- url: /confluence/dosearchsite.action | userName: admin java.lang.OutOfMemoryError: Java heap space at org.apache.lucene.util.PriorityQueue.<init>(PriorityQueue.java:64) at org.apache.lucene.search.HitQueue.<init>(HitQueue.java:64) at org.apache.lucene.search.TopScoreDocCollector.<init>(TopScoreDocCollector.java:275) at org.apache.lucene.search.TopScoreDocCollector.<init>(TopScoreDocCollector.java:37) at org.apache.lucene.search.TopScoreDocCollector$InOrderTopScoreDocCollector.<init>(TopScoreDocCollector.java:42) at org.apache.lucene.search.TopScoreDocCollector$InOrderTopScoreDocCollector.<init>(TopScoreDocCollector.java:40) at org.apache.lucene.search.TopScoreDocCollector.create(TopScoreDocCollector.java:258) at org.apache.lucene.search.TopScoreDocCollector.create(TopScoreDocCollector.java:238) at com.atlassian.confluence.plugins.search.LuceneSearcher$1.perform(LuceneSearcher.java:81) at com.atlassian.bonnie.LuceneConnection.withSearch(LuceneConnection.java:201) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.atlassian.plugin.osgi.hostcomponents.impl.DefaultComponentRegistrar$ContextClassLoaderSettingInvocationHandler.invoke(DefaultComponentRegistrar.java:129) at com.sun.proxy.$Proxy192.withSearch(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.atlassian.plugin.osgi.bridge.external.HostComponentFactoryBean$DynamicServiceInvocationHandler.invoke(HostComponentFactoryBean.java:154) at com.sun.proxy.$Proxy192.withSearch(Unknown Source) at com.atlassian.confluence.plugins.search.LuceneSearcher.search(LuceneSearcher.java:75) at com.atlassian.confluence.plugins.search.actions.SearchAction.execute(SearchAction.java:94) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:168) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.ConfluenceWorkflowInterceptor.intercept(ConfluenceWorkflowInterceptor.java:64) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.XsrfTokenInterceptor.intercept(XsrfTokenInterceptor.java:100) {code}

I was able to replicate the issue on my instance with heap space set to 1024M.