Serious h2 database corrupt under unusual high load
skbeh opened this issue ยท 3 comments
Description
Yesterday a hacker spammed my server by clicking a sign which executes commands for granting players permissions. During that, the h2 database engine of luckperms crashed. Then the server automaticly restarted but the database can not be opened anymore.
I also noticed that the version of h2 library is very outdated (1.4.199) which is not supported by their team and has known security vulnerabilities. They said in the changelog that 2.x version improved stability when an application crash. Although upgrading it will break a lot and not forward compatible, the security and stability benefits seem worthwhile.
Reproduction Steps
The problem happends by chance so there may be not a way to stably reproduce it. Even though, I am trying my best to make it.
Expected Behaviour
Luckperms plugin can handle whatever high load without database corruption.
Server Details
https://github.com/Wind-Development/WindSpigot
LuckPerms Version
v5.4.36
Extra Details
No response
It looks like your server is in offline mode. Please know that being in offline mode inherently makes your server less secure. I don't see why LuckPerms should be responsible for someone causing your database to break because you run you server in offline mode. I haven't experienced a corrupt H2 file before, but it appears your H2 file might just be locked because it wasn't unlocked properly from the server crashing, so there is a chance the data is still intact, but I could be wrong about that.
Please know that being in offline mode inherently makes your server less secure.
Online mode not solves any bugs in existing code (There have been reports that this h2 version is easy to be corrupted like h2database/h2database#2730).
it appears your H2 file might just be locked
There is not any lock file around the he db file. Even the official database recover tool java -cp h2*.jar org.h2.tools.Recover, reporting java.nio.BufferUnderflowException, not works.
The java.lang.IllegalStateException: The file is locked may be because of unproper handle of db opening failure.
LP v5.4.50 upgrades h2 from 1.4.199 to 2.1.214.
The migration is automatic on startup:
And a backup of the old format is retained in the LuckPerms folder:
Hopefully this will help with the corruption issues some people are seeing. Unfortunately, not sure what to suggest to fix any existing broken db files. If the recovery tool doesn't work, then you might be s' out of luck :(