thrift: abort PHP deserialization on unknown field type

-------------------------------------------------------

                 Key: THRIFT-1377
                 URL: https://issues.apache.org/jira/browse/THRIFT-1377
             Project: Thrift
          Issue Type: Improvement
          Components: C++ - Library
            Reporter: Dave Watson
            Priority: Minor
         Attachments: 0005-thrift-abort-PHP-deserialization-on-unknown-field-ty.patch

>From fe3de1c287012f88554f115cf0a1015414f8e644 Mon Sep 17 00:00:00 2001
From: Adam Simpkins <simpk...@fb.com>
Date: Wed, 24 Mar 2010 00:13:36 +0000
Subject: [PATCH 5/9] thrift: abort PHP deserialization on unknown field type

Summary:
Previously the code incorrectly ignored unknown field types.  After
reading the field header, if it was an unknown type it would incorrectly
assume there was no data, and start trying to read the next field
immediately.  This is clearly a bug.

Not only could this lead to incorrect data being returned, it also
caused the code to get stuck in very long loops when passed invalid
data.  This happens if the data looks like an extremely long list
containing elements of an unknown type.  The code tries to parse them
all, but since it thinks they are all 0 bytes, doesn't make forward
progress in the buffer.  It can be very slow to try and parse a list of
1 billion empty entries.

Test Plan:
Tried to decode the buffer 'DkyYjVlMTVl'.  Previously this would get
stuck in a loop, now it throws a TProtocolException.

Revert Plan:
OK

---
 lib/php/src/protocol/TProtocol.php |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)
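
Review bot: the diffstat lists only lib/php/src/protocol/TProtocol.php, so the malformed-buffer case from the Test Plan is exercised by hand and not captured as a regression test. Consider adding a test that decodes that buffer and expects TProtocolException, with a time bound so that a return of the zero-progress loop fails fast. The issue header also files this under "C++ - Library" although the changed file is under lib/php; the component should probably be the PHP library.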


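The failure mode the commit message describes, as an added example (not code from the patch or from Thrift): a minimal binary-protocol skip routine in which an unknown type either consumes zero bytes or aborts. The function names, the step budget and the sample buffer are constructed for illustration; the type ids and the list header layout (1-byte element type, 4-byte big-endian count) follow Thrift's binary protocol.

```php
<?php
// Constructed demo, not Thrift's own code: skip() mirrors the idea of a
// binary-protocol "skip this value" routine. Type ids follow Thrift's TType.
const T_BYTE = 3, T_I32 = 8, T_STRING = 11, T_LIST = 15;
const STEP_BUDGET = 100000; // hypothetical cap so the lenient run terminates

function readBytes(string $buf, int &$pos, int $n): string {
    if ($n < 0 || $pos + $n > strlen($buf)) {
        throw new UnderflowException("read past end of buffer at offset $pos");
    }
    $pos += $n;
    return substr($buf, $pos - $n, $n);
}

function readU32(string $buf, int &$pos): int {
    return unpack('N', readBytes($buf, $pos, 4))[1];
}

function skip(string $buf, int &$pos, int $type, bool $strict, int &$steps): void {
    if (++$steps > STEP_BUDGET) {
        throw new RuntimeException("step budget exhausted at offset $pos");
    }
    switch ($type) {
        case T_BYTE:   readBytes($buf, $pos, 1); return;
        case T_I32:    readBytes($buf, $pos, 4); return;
        case T_STRING: readBytes($buf, $pos, readU32($buf, $pos)); return;
        case T_LIST:
            $elemType = ord(readBytes($buf, $pos, 1));
            $count = readU32($buf, $pos);
            for ($i = 0; $i < $count; $i++) {
                skip($buf, $pos, $elemType, $strict, $steps);
            }
            return;
        default:
            if ($strict) {
                throw new UnexpectedValueException("unknown field type $type");
            }
            return; // lenient: pretends the value is 0 bytes long
    }
}

// Constructed input: list header claiming 1,000,000,000 elements of type 0x7f.
$buf = "\x7f" . pack('N', 1000000000);
foreach ([false, true] as $strict) {
    $pos = 0; $steps = 0;
    try { skip($buf, $pos, T_LIST, $strict, $steps); $r = 'ok'; }
    catch (Exception $e) { $r = get_class($e) . ': ' . $e->getMessage(); }
    printf("%-7s steps=%d offset=%d %s\n", $strict ? 'strict' : 'lenient', $steps, $pos, $r);
}
```

In the lenient run the offset stays at 5 while the step counter climbs until the budget stops it; the strict run aborts on the first element.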
