thrift: abort PHP deserialization on unknown field type
-------------------------------------------------------
Key: THRIFT-1377
URL: https://issues.apache.org/jira/browse/THRIFT-1377
Project: Thrift
Issue Type: Improvement
Components: C++ - Library
Reporter: Dave Watson
Priority: Minor
Attachments: 0005-thrift-abort-PHP-deserialization-on-unknown-field-ty.patch

From fe3de1c287012f88554f115cf0a1015414f8e644 Mon Sep 17 00:00:00 2001
From: Adam Simpkins <simpk...@fb.com>
Date: Wed, 24 Mar 2010 00:13:36 +0000
Subject: [PATCH 5/9] thrift: abort PHP deserialization on unknown field type

Summary:
Previously the code incorrectly ignored unknown field types. After reading the field header, if it was an unknown type it would incorrectly assume there was no data, and start trying to read the next field immediately.

This is clearly a bug. Not only could this lead to incorrect data being returned, it also caused the code to get stuck in very long loops when passed invalid data. This happens if the data looks like an extremely long list containing elements of an unknown type. The code tries to parse them all, but since it thinks they are all 0 bytes, doesn't make forward progress in the buffer. It can be very slow to try and parse a list of 1 billion empty entries.

Test Plan:
Tried to decode the buffer 'DkyYjVlMTVl'. Previously this would get stuck in a loop, now it throws a TProtocolException.

Revert Plan: OK
---
 lib/php/src/protocol/TProtocol.php |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)
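The failure mode described in the summary, as an added Python reimplementation of a TBinaryProtocol skip() routine (not the PHP library's code and not part of this issue): the TType ids are Thrift's wire values, while the `strict` flag, the `steps` counter and the two sample buffers are assumptions constructed for illustration. With `strict=False` an unknown type consumes zero bytes and a bogus container header drives a long no-progress loop; with `strict=True` the first unknown type aborts with a TProtocolException, which is the behaviour the patch introduces.

```python
import struct

# Thrift TType ids as carried on the wire by TBinaryProtocol.
T_STOP, T_BOOL, T_BYTE, T_DOUBLE, T_I16, T_I32, T_I64 = 0, 2, 3, 4, 6, 8, 10
T_STRING, T_STRUCT, T_MAP, T_SET, T_LIST = 11, 12, 13, 14, 15
FIXED_WIDTH = {T_BOOL: 1, T_BYTE: 1, T_DOUBLE: 8, T_I16: 2, T_I32: 4, T_I64: 8}

class TProtocolException(Exception):
    pass

class BinarySkipper:
    """Skips one value of a given TType; strict=False mimics the pre-patch bug."""
    def __init__(self, buf, strict=True):
        self.buf, self.pos, self.strict, self.steps = buf, 0, strict, 0

    def read(self, n):
        # Reject negative lengths and reads past the end of the buffer.
        if n < 0 or self.pos + n > len(self.buf):
            raise TProtocolException("unexpected end of buffer")
        self.pos += n
        return self.buf[self.pos - n:self.pos]

    def skip(self, ttype):
        self.steps += 1  # count skip() calls so lack of progress is visible
        if ttype in FIXED_WIDTH:
            self.read(FIXED_WIDTH[ttype])
        elif ttype == T_STRING:
            self.read(struct.unpack("!i", self.read(4))[0])
        elif ttype == T_STRUCT:
            while (ftype := self.read(1)[0]) != T_STOP:
                self.read(2)  # 16-bit field id
                self.skip(ftype)
        elif ttype in (T_SET, T_LIST, T_MAP):
            etypes = [self.read(1)[0] for _ in range(2 if ttype == T_MAP else 1)]
            for _ in range(struct.unpack("!i", self.read(4))[0]):
                for et in etypes:
                    self.skip(et)
        elif self.strict:
            raise TProtocolException("unknown field type %d" % ttype)
        # strict=False: unknown type treated as zero bytes, position never moves

def skip_value(buf, ttype, strict=True):
    """Return (bytes consumed, skip() calls made), or the exception message."""
    s = BinarySkipper(buf, strict)
    try:
        s.skip(ttype)
    except TProtocolException as e:
        return str(e)
    return s.pos, s.steps

# Constructed samples: a struct with one i32 field (id 1, value 42), and a
# list header claiming 100000 elements of undefined type 0x4C with no payload.
GOOD_STRUCT = bytes([T_I32, 0, 1]) + struct.pack("!i", 42) + bytes([T_STOP])
BOGUS_LIST = bytes([0x4C]) + struct.pack("!i", 100000)
```

Running `skip_value(BOGUS_LIST, T_LIST, strict=False)` returns `(5, 100001)`: only the 5 header bytes were consumed across 100001 skip() calls, which is the stalled loop the commit message describes scaled down from a billion entries.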