Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Classes in o.a.a.core.data (and potentially elsewhere) that support construction from a Thrift object and/or population from a DataInput (via a readFields() method) often lack data validity checks that the classes' constructors enforce. The missing checks make it possible for an attacker to create invalid objects by manipulating the bytes being read. The situation is analogous to the need to check objects deserialized from their Java serialized form within the readObject() method.
Attachments
Attachments
Issue Links
- links to