Description of problem: We are running BRMS version 5.3.1.BRMS-P05-temporary-patch. When attempting to load a stateful knowledge session, a "com.google.protobuf.InvalidProtocolBufferException" exception is thrown in BRMS5.3.1+Roll Up 5 applied, with the message "Protocol message was too large. May be malicious. Use CodedInputStream.setSizeLimit() to increase the size limit.". According to DROOLS-25: When trying to unmarshall a large knowledge session from a file stream, an exception is thrown. It seems that there is a default message size limit in Protobuf (used by Drools marshalling). Apparently, what happens is that the marshalled "Header" message exceeds this size, which causes Protobuf to throw this exception. I suspect that the Header field "payload" is the culprit, since it seems to contain the rest of the knowledge base in byte array form. Suggested solutions: #1 You can set the size limit of the Protobuf CodedInputStream, but there doesn't seem to be any way of providing this parameter to the Drools unmarshalling API. #2 When you unmarshall from a byte array, Protobuf does not enforce any message size limit. I have successfully implemented a patch in drools-core that preloads the file into memory and unmarshalls from a byte array. Probably the least desirable fix. Version-Release number of selected component (if applicable): BRMS 5.3.1 last roll up patch applied (5) Steps to Reproduce: Please see steps to reproduce in https://issues.jboss.org/browse/DROOLS-25.
Cherry-picked to 5.3.x with https://github.com/droolsjbpm/drools/commit/d093f6088
Additional commit required in jbpm 5.2.x due to change above: http://github.com/droolsjbpm/jbpm/commit/b8469ddbe
adding it to patch now, thanks Kris.
Created attachment 1022639 [details] drools25-reproducer.zip Reproducer used by QE attached. Tips to run: export MAVEN_OPTS="-Xmx4G" mvn exec:java -Dexec.mainClass=org.drools25.App
This product has been discontinued or is no longer tracked in Red Hat Bugzilla.