[
https://issues.apache.org/jira/browse/THRIFT-3978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15675133#comment-15675133
]
James E. King, III commented on THRIFT-3978:
--------------------------------------------
Discovered when addressing code review comments on THRIFT-3873.
> Thrift C++ runtime uses assert to prevent overflows, checks sanity only in
> debug builds
> ---------------------------------------------------------------------------------------
>
> Key: THRIFT-3978
> URL: https://issues.apache.org/jira/browse/THRIFT-3978
> Project: Thrift
> Issue Type: Bug
> Components: C++ - Library
> Affects Versions: 0.10.0
> Environment: All
> Reporter: James E. King, III
> Assignee: James E. King, III
> Labels: security
>
> Currently there is widespread use of assert in the thrift C++ runtime
> library. Some of the more disturbing cases are security related, for example
> checking header sizes. I recommend we eliminate assertions that are only
> checked in debug mode, and instead throw the appropriate exception, usually a
> TTransportException with CORRUPTED_DATA as the reason. If we're going to
> check for an overflow or a buffer overrun, we should do so in debug and
> release modes. Further, assertions are not easily tested whereas exceptions
> are.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
