Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-10110

Libprocess ignores most protobuf (de)serialisation failure cases.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.10.0
    • Component/s: libprocess
    • Labels:
      None

      Description

      Before the code didn't check at all the return value of
      Message::SerializeToString, which can fail for various reasons,
      e.g. out-of-memory, message too large, or invalid UTF-8 string.
      Also, the way deserialisation was checked for error using
      Message::IsInitialized doesn't detect errors such as the above,
      we need to check Message::ParseFromString return value.

      {{}}

      We noticed this at work because our custom executor had a bug causing it to send invalid/non-UTF8 mesos.TaskID, but it was successfully serialised by the executor (driver), and deserialised by the framework, which was blowing it to blow up at later point far from the original source of the problem.

      More generally we want to catch such invalid messages - which can happen for a variety of reasons - as early as possible.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cf.natali Charles Natali
                Reporter:
                Charle Charles N
                Shepherd:
                Benjamin Mahler
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: