James E. King, III created THRIFT-3062:
------------------------------------------

Summary: C++ TServerSocket invalid port number (over 999999) causes stack corruption
Key: THRIFT-3062
URL: https://issues.apache.org/jira/browse/THRIFT-3062
Project: Thrift
Issue Type: Bug
Components: C++ - Library
Affects Versions: 0.9.2
Reporter: James E. King, III

In {{TServerSocket::listen()}} a buffer of size 7 is allocated for the string to numeric translation of the port number, defined as {{int}}:

{noformat}
char port[sizeof("65536") + 1];
...
sprintf(port, "%d", port_);
{noformat}

An input of 1000000 or more will cause stack corruption. Recommend changing sprintf to something safer, or making a larger buffer. In this case, one can safely allocate a fixed size buffer on the stack to accommodate the largest result possible, avoiding the problem.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
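
The buffer arithmetic from the report and one way to apply its recommendation, as an added example that is not the Thrift project's code or its actual fix. The helper names (`bytesNeeded`, `fitsReportedBuffer`, `formatPort`), the 0..65535 range check and the sample values are assumptions made for illustration.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>

// Buffer size from the report: sizeof("65536") is 6 (five digits + NUL), plus 1.
constexpr std::size_t kReportedBufSize = sizeof("65536") + 1;  // 7

// Upper bound on the bytes "%d" can produce for any int: every 3 bits yield
// at most one decimal digit, plus one byte for '-' and one for the NUL.
constexpr std::size_t kIntBufSize = (sizeof(int) * CHAR_BIT + 2) / 3 + 2;

// Bytes (including the NUL) that sprintf(port, "%d", value) would write.
std::size_t bytesNeeded(int value) {
  int n = std::snprintf(nullptr, 0, "%d", value);
  return n < 0 ? 0 : static_cast<std::size_t>(n) + 1;
}

// True when the unbounded sprintf from the report stays inside its 7 bytes.
bool fitsReportedBuffer(int value) {
  return bytesNeeded(value) <= kReportedBufSize;
}

// Hardened variant (hypothetical helper): reject values outside the TCP port
// range (assumed 0..65535), then format with a bounded write and check for
// truncation.
bool formatPort(int port, char* out, std::size_t outSize) {
  if (port < 0 || port > 65535) return false;
  int n = std::snprintf(out, outSize, "%d", port);
  return n > 0 && static_cast<std::size_t>(n) < outSize;
}

int main() {
  const int samples[] = {9090, 65535, 999999, 1000000, INT_MAX};  // constructed
  for (int value : samples) {
    char buf[kIntBufSize];
    bool ok = formatPort(value, buf, sizeof buf);
    std::printf("%-10d needs %2zu bytes, fits char[7]: %-3s formatPort: %s\n",
                value, bytesNeeded(value),
                fitsReportedBuffer(value) ? "yes" : "no",
                ok ? buf : "rejected");
  }
  return 0;
}
```

The `kIntBufSize` bound covers the "largest result possible" option from the report, while the range check and `snprintf` cover the "something safer" option.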