Details
- Improvement
- Status: Closed
- Minor
- Resolution: Fixed
- None
- None
Description
From fe3de1c287012f88554f115cf0a1015414f8e644 Mon Sep 17 00:00:00 2001
From: Adam Simpkins <simpkins@fb.com>
Date: Wed, 24 Mar 2010 00:13:36 +0000
Subject: [PATCH 5/9] thrift: abort PHP deserialization on unknown field type

Summary:
Previously the code incorrectly ignored unknown field types. After
reading the field header, if it was an unknown type it would incorrectly
assume there was no data, and start trying to read the next field
immediately. This is clearly a bug.

Not only could this lead to incorrect data being returned, it also
caused the code to get stuck in very long loops when passed invalid
data. This happens if the data looks like an extremely long list
containing elements of an unknown type. The code tries to parse them
all, but since it thinks they are all 0 bytes, doesn't make forward
progress in the buffer. It can be very slow to try and parse a list of
1 billion empty entries.

Test Plan:
Tried to decode the buffer 'DkyYjVlMTVl'. Previously this would get
stuck in a loop, now it throws a TProtocolException.

Revert Plan:
OK
---
lib/php/src/protocol/TProtocol.php | 6 ++++--
1 files changed, 4 insertions, 2 deletions
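
The failure mode described in the commit message, as an added example that is not taken from the patch or from the Thrift library: a toy skip routine run in the pre-fix (lenient) and post-fix (strict) modes over the same constructed 5-byte input. `Reader`, `skip()` and the `$strict` flag are hypothetical names, only two known types are modelled, and `UnexpectedValueException` stands in for the `TProtocolException` the commit message mentions.

```php
<?php
// Added illustration, not the Thrift library's code. The type ids follow
// Thrift's TType numbering; Reader and skip() are hypothetical names.
const T_I32  = 8;
const T_LIST = 15;

final class Reader {
    public int $pos = 0;
    public int $steps = 0; // values visited, to make the wasted work visible
    public function __construct(private string $buf) {}
    public function take(int $n): string {
        if ($this->pos + $n > strlen($this->buf)) {
            throw new UnderflowException("need $n bytes at offset {$this->pos}");
        }
        $s = substr($this->buf, $this->pos, $n);
        $this->pos += $n;
        return $s;
    }
}

function skip(Reader $r, int $type, bool $strict): void {
    $r->steps++;
    switch ($type) {
        case T_I32: $r->take(4); return;
        case T_LIST:
            $elemType = ord($r->take(1));
            $count = unpack('N', $r->take(4))[1]; // 32-bit big-endian count
            for ($i = 0; $i < $count; $i++) {
                skip($r, $elemType, $strict);
            }
            return;
        default:
            if ($strict) { // post-fix behaviour: stop at the first unknown type
                throw new UnexpectedValueException("unknown field type $type");
            }
            return; // pre-fix behaviour: assume 0 bytes, cursor does not move
    }
}

// Constructed input: 5 bytes, a list header claiming 1,000,000 elements of type 0x7f.
$buf = "\x7f" . pack('N', 1000000);
$lenient = new Reader($buf);
skip($lenient, T_LIST, false);
echo "lenient: {$lenient->steps} steps, cursor at {$lenient->pos} of " . strlen($buf) . "\n";
try {
    skip(new Reader($buf), T_LIST, true);
} catch (UnexpectedValueException $e) {
    echo "strict: rejected, {$e->getMessage()}\n";
}
```

In lenient mode the loop count comes entirely from the attacker-supplied header, because each zero-length element passes the bounds check in `take()` without ever reaching it; strict mode fails on the first element.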