[jira] [Commented] (THRIFT-1770) Killing a thrift 0.8 server with telnet

Sat, 19 Jan 2013 15:16:14 -0800 

    [ 
https://issues.apache.org/jira/browse/THRIFT-1770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13558118#comment-13558118
 ] 

Niraj Tolia commented on THRIFT-1770:
-------------------------------------

Mustafa: Yes, that is completely correct. The characters bytes are interpreted 
as a number and, in particular, as an int. I just dug up the code and this is 
what FrameBuffer.read() in 0.9 has:

{code}
          // pull out the frame size as an integer.
          int frameSize = buffer_.getInt(0); 
{code}

So, if you convert "asdf" to binary, it gives you "0110 0001 0111 0011 0110 
0100 0110 0110", which is 1634952294 in decimal.
                
> Killing a thrift 0.8 server with telnet 
> ----------------------------------------
>
>                 Key: THRIFT-1770
>                 URL: https://issues.apache.org/jira/browse/THRIFT-1770
>             Project: Thrift
>          Issue Type: Bug
>            Reporter: oliver  z
>            Priority: Critical
>
> I have a thrift 0.8 server running which is very easy to kill from outside of 
> the network. Simply telnet to it and type some random chars in it like "asdf" 
> - thats enough to kill the server with a OOM exception:
> 10:12:40.461 [Thread-1] [ERROR] o.a.t.server.THsHaServer - run() exiting due 
> to uncaught error 
> java.lang.OutOfMemoryError: Java heap space
>       at java.nio.HeapByteBuffer.<init>(Unknown Source) ~[na:1.7.0_04]
>       at java.nio.ByteBuffer.allocate(Unknown Source) ~[na:1.7.0_04]
>       at 
> org.apache.thrift.server.AbstractNonblockingServer$FrameBuffer.read(AbstractNonblockingServer.java:338)
>  ~[libthrift-0.8.0.jar:0.8.0]
>       at 
> org.apache.thrift.server.AbstractNonblockingServer$AbstractSelectThread.handleRead(AbstractNonblockingServer.java:202)
>  ~[libthrift-0.8.0.jar:0.8.0]
>       at 
> org.apache.thrift.server.TNonblockingServer$SelectAcceptThread.select(TNonblockingServer.java:198)
>  ~[libthrift-0.8.0.jar:0.8.0]
>       at 
> org.apache.thrift.server.TNonblockingServer$SelectAcceptThread.run(TNonblockingServer.java:154)
>  ~[libthrift-0.8.0.jar:0.8.0]
> I guess its pretty related to https://issues.apache.org/jira/browse/THRIFT-602

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to