[ https://issues.apache.org/jira/browse/THRIFT-5007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290224#comment-17290224 ]
Jens Geyer commented on THRIFT-5007: ------------------------------------ CVE-2020-13949: potential DoS when processing untrusted Thrift payloads > Implement MAX_MESSAGE_SIZE and remaining read bytes control > ----------------------------------------------------------- > > Key: THRIFT-5007 > URL: https://issues.apache.org/jira/browse/THRIFT-5007 > Project: Thrift > Issue Type: Improvement > Components: Delphi - Library > Reporter: Jens Geyer > Assignee: Jens Geyer > Priority: Major > Fix For: 0.14.0 > > Time Spent: 20m > Remaining Estimate: 0h > > There should be a way to control the maximum allowed message size similar to > the maximum frame size control at TFramedTransport, but on a more general > level suitable for all kinds of transport/protocol. -- This message was sent by Atlassian Jira (v8.3.4#803005)