[ https://issues.apache.org/jira/browse/THRIFT-6024?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jens Geyer updated THRIFT-6024:
-------------------------------
Labels: breaking (was: )
> Python THeaderTransport and TZlibTransport default max frame/decompressed
> size should be DEFAULT_MAX_FRAME_SIZE (16384000), not HARD_MAX_FRAME_SIZE
> (0x3FFFFFFF)
> --------------------------------------------------------------------------
>
> Key: THRIFT-6024
> URL: https://issues.apache.org/jira/browse/THRIFT-6024
> Project: Thrift
> Issue Type: Bug
> Components: Python - Library
> Reporter: Jens Geyer
> Priority: Major
> Labels: breaking
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Python's THeaderTransport and TZlibTransport use HARD_MAX_FRAME_SIZE
> (0x3FFFFFFF, ~1 GB) as the default for both max_frame_size and
> max_decompressed_size, while every other Thrift binding defaults to
> DEFAULT_MAX_FRAME_SIZE (16384000, ~16 MB).
> HARD_MAX_FRAME_SIZE is a protocol-level structural constraint (the THeader
> frame length field is 30 bits wide), not a policy default. Using it as the
> default means Python THeaderTransport and TZlibTransport will accept frames
> up to ~1 GB by default, leaving the application unprotected against oversized
> or malformed frames unless the caller explicitly calls set_max_frame_size().
> Fix: introduce DEFAULT_MAX_FRAME_SIZE = 16384000 in THeaderTransport.py
> (matching all other bindings) and use it as the constructor default in both
> THeaderTransport and TZlibTransport. HARD_MAX_FRAME_SIZE is retained as the
> upper bound enforced by set_max_frame_size() / set_max_decompressed_size().
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
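As an added illustration (not Thrift's code and not part of the issue above), a hypothetical reader modelling the two checks the report describes: a tunable max_frame_size that can be raised only up to HARD_MAX_FRAME_SIZE, with DEFAULT_MAX_FRAME_SIZE as the constructor default, and a decompressed-size cap on the zlib path. BoundedFrameReader, make_frame, deflate and rejects are assumed names; the constant values are the ones quoted in the issue.

```python
import struct
import zlib

# Constants named in the issue; the reader below is a hypothetical model of the
# length checks, not Thrift's own THeaderTransport / TZlibTransport code.
DEFAULT_MAX_FRAME_SIZE = 16384000   # ~16 MB: policy default the issue asks for
HARD_MAX_FRAME_SIZE = 0x3FFFFFFF    # ~1 GB: structural bound of the 30-bit length field

class FrameTooLarge(Exception): pass

def _checked_limit(size):
    # A tunable policy limit must never exceed the structural bound.
    if not 0 < size <= HARD_MAX_FRAME_SIZE:
        raise ValueError("limit must be in 1..HARD_MAX_FRAME_SIZE")
    return size

class BoundedFrameReader:
    def __init__(self, max_frame_size=DEFAULT_MAX_FRAME_SIZE,
                 max_decompressed_size=DEFAULT_MAX_FRAME_SIZE):
        self.max_frame_size = _checked_limit(max_frame_size)
        self.max_decompressed_size = _checked_limit(max_decompressed_size)

    def read_frame(self, data):
        # 4-byte big-endian length prefix, checked before the payload is touched.
        (length,) = struct.unpack("!I", data[:4])
        if length > self.max_frame_size:
            raise FrameTooLarge(f"declared {length} > limit {self.max_frame_size}")
        if len(data) < 4 + length:
            raise ValueError("truncated frame")
        return data[4:4 + length]

    def inflate(self, compressed):
        # Cap inflated output so a small zlib payload cannot expand without bound.
        d = zlib.decompressobj()
        out = d.decompress(compressed, self.max_decompressed_size)
        if not d.eof:   # stopped at the cap (or stream incomplete): reject
            raise FrameTooLarge(f"inflated size exceeds {self.max_decompressed_size}")
        return out

def make_frame(payload):
    return struct.pack("!I", len(payload)) + payload

def deflate(payload):
    return zlib.compress(payload)

def rejects(func, *args):
    try:
        func(*args)
    except FrameTooLarge:
        return True
    return False
```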