[ https://issues.apache.org/jira/browse/THRIFT-601?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12776072#action_12776072 ]
Jonathan Ellis commented on THRIFT-601:
---------------------------------------
I don't know how valuable this is, though...
(1) you can still crash the server with a bogus int anywhere but the frame size
(2) it requires client-side support to warn users if they're trying to build a
command that is too long for the frame size -- and since the default is a
no-op, the server needs to communicate what the actual limit is, if any, to the
client first. Is that protocol change worth it, given the limitations of (1)?
> sending random data crashes thrift service
> ------------------------------------------
>
> Key: THRIFT-601
> URL: https://issues.apache.org/jira/browse/THRIFT-601
> Project: Thrift
> Issue Type: Bug
> Components: Library (Java)
> Reporter: Eric Evans
> Priority: Critical
> Attachments: thrift-601.patch
>
>
> Sending random data to a Java thrift service causes it to crash with extreme
> prejudice.
> dd if=/dev/urandom count=1 | nc $host 9160
> ... produces ...
> java.lang.OutOfMemoryError: Java heap space
> at org.apache.thrift.protocol.TBinaryProtocol.readStringBody(TBinaryProtocol.java:296)
> at org.apache.thrift.protocol.TBinaryProtocol.readMessageBegin(TBinaryProtocol.java:203)
> at org.apache.cassandra.service.Cassandra$Processor.process(Cassandra.java:615)
> at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:253)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:636)
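An added example, not part of this thread and not Thrift code: the stack trace above ends in an allocation made while reading a string body, and point (1) of the comment notes that a frame-size limit does not cover integers inside the frame. The sketch below assumes a 4-byte big-endian length prefix and shows that length being checked against both a cap and the bytes actually available before anything is allocated. The class, method and limit names are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

// Added illustration; class, method and limit names are hypothetical.
public class BoundedStringRead {
    // Assumed cap for this sketch; a real service would make it configurable.
    static final int MAX_STRING_BYTES = 1 << 20;

    // Unchecked pattern: the peer-supplied length goes straight into the allocation.
    static String readUnchecked(DataInputStream in) throws IOException {
        int size = in.readInt();
        byte[] buf = new byte[size]; // OutOfMemoryError or NegativeArraySizeException
        in.readFully(buf);
        return new String(buf, StandardCharsets.UTF_8);
    }

    // Checked pattern: validate the length before any allocation happens.
    // 'remaining' is the number of unread bytes in the frame, length prefix included.
    static String readBounded(DataInputStream in, int remaining) throws IOException {
        int size = in.readInt();
        if (size < 0 || size > MAX_STRING_BYTES || size > remaining - 4) {
            throw new IOException("rejecting string length " + size);
        }
        byte[] buf = new byte[size];
        in.readFully(buf);
        return new String(buf, StandardCharsets.UTF_8);
    }

    static DataInputStream stream(byte[] data) {
        return new DataInputStream(new ByteArrayInputStream(data));
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: length 0x7FFFFFF0 followed by only four bytes of data.
        byte[] bogus = {0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xF0, 1, 2, 3, 4};
        // Constructed input: length 5 followed by "hello".
        byte[] good = {0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o'};

        System.out.println(readBounded(stream(good), good.length));
        try {
            readBounded(stream(bogus), bogus.length);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        // readUnchecked(stream(bogus)) would try to allocate about 2 GiB.
    }
}
```

The same check has to be applied to every length or count field read from the wire (strings, binary fields, container sizes), which is why a limit on the frame size alone leaves the allocation path open.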