[ https://issues.apache.org/jira/browse/THRIFT-1414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Maik Greubel updated THRIFT-1414: --------------------------------- Attachment: thrift-0.9.0-c_glib-jira1414.patch The attached patch can be applied to 0.9.0. {code} --- thrift-0.9.0/lib/c_glib/src/thrift/transport/thrift_socket.c.orig 2012-10-17 09:15:16.000000000 +0200 +++ thrift-0.9.0/lib/c_glib/src/thrift/transport/thrift_socket.c 2012-10-17 09:15:48.000000000 +0200 @@ -129,7 +129,7 @@ while (got < len) { - ret = recv (socket->sd, buf, len, 0); + ret = recv (socket->sd, buf+got, len-got, 0); if (ret < 0) { g_set_error (error, THRIFT_TRANSPORT_ERROR, --- thrift-0.9.0/lib/c_glib/src/thrift/transport/thrift_buffered_transport.c.orig 2012-10-17 09:16:07.000000000 +0200 +++ thrift-0.9.0/lib/c_glib/src/thrift/transport/thrift_buffered_transport.c 2012-10-17 09:17:26.000000000 +0200 @@ -71,7 +71,7 @@ ThriftBufferedTransport *t = THRIFT_BUFFERED_TRANSPORT (transport); guint32 want = len; guint32 got = 0; - guchar tmpdata[t->r_buf_size]; + guchar tmpdata[len]; guint32 have = t->r_buf->len; // we shouldn't hit this unless the buffer doesn't have enough to read @@ -101,7 +101,7 @@ } else { got += THRIFT_TRANSPORT_GET_CLASS (t->transport)->read (t->transport, tmpdata, - t->r_buf_size, + want, error); t->r_buf = g_byte_array_append (t->r_buf, tmpdata, got); {code} > bufferoverflow in c_glib buffered transport/socket client > --------------------------------------------------------- > > Key: THRIFT-1414 > URL: https://issues.apache.org/jira/browse/THRIFT-1414 > Project: Thrift > Issue Type: Bug > Components: C glib - Library > Affects Versions: 0.7 > Environment: Server running on Windows 7 SP1 64bit based on csharp. > Client running on Ubuntu 11.04 Server 64 bit (fresh install) based on c_glib. > svn rev: 1190015M > Reporter: Christian Zimnick > Priority: Critical > Attachments: thrift-0.9.0-c_glib-jira1414.patch, THRIFT-1414.patch > > Original Estimate: 10m > Remaining Estimate: 10m > > Quote of comment in source: > ----------------------------------------------- > if the buffer is still smaller than what we > want to read, then just read it directly. > ----------------------------------------------- > But the code reading into the tempdata with size of the buffer and reading > all data into this. > file: lib/c_glib/transport/thrift_buffered_transport.c line 74/98 > Also if the buffer is still bigger that what we want to read, then reading > the buffer size. > But recv blocks than and waiting of data if there nothing to read after the > receiving data len. > file: lib/c_glib/transport/thrift_buffered_transport.c line 118 > i attached a patch that fix this problems but i dont know if all of this is > correct. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira