diff --git a/src/com/hypixel/hytale/storage/IndexedStorageFile.java b/src/com/hypixel/hytale/storage/IndexedStorageFile.java index 4567ca47..5ba83e7f 100644 --- a/src/com/hypixel/hytale/storage/IndexedStorageFile.java +++ b/src/com/hypixel/hytale/storage/IndexedStorageFile.java @@ -277,16 +277,27 @@ public class IndexedStorageFile implements Closeable { if (firstSegmentIndex == 0) { compressedLength = 0; } else { - ByteBuffer blobHeaderBuffer = this.readBlobHeader(firstSegmentIndex); - compressedLength = blobHeaderBuffer.getInt(COMPRESSED_LENGTH_OFFSET); + try { + ByteBuffer blobHeaderBuffer = this.readBlobHeader(firstSegmentIndex); + compressedLength = blobHeaderBuffer.getInt(COMPRESSED_LENGTH_OFFSET); + } catch (Exception e) { + // Corrupted blob header - skip this blob + compressedLength = 0; + } } } finally { this.indexLocks[blobIndex].unlockRead(segmentStamp); } - if (compressedLength > 0) { + // Validate to prevent OOM from corrupted compressedLength values + // Max reasonable compressed length ~256MB, prevents BitSet from allocating huge arrays + if (compressedLength > 0 && compressedLength < 256 * 1024 * 1024 && firstSegmentIndex > 0) { int segmentsCount = this.requiredSegments(BLOB_HEADER_LENGTH + compressedLength); - this.usedSegments.set(firstSegmentIndex, firstSegmentIndex + segmentsCount); + int toIndex = firstSegmentIndex + segmentsCount; + // Ensure no overflow and reasonable range + if (segmentsCount > 0 && toIndex > firstSegmentIndex) { + this.usedSegments.set(firstSegmentIndex, toIndex); + } } } } finally {