[THRIFT-2194] Node: Not actually prepending residual data in TFramedTransport.receiver - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.9
Fix Version/s: 0.9.2
Component/s: Node.js - Library
Labels:
None

Patch Info:

Patch Available

Description

I am seeing an issue where we are creating a Buffer of larger than 1GB so v8 crashes with a fatal exception:
FATAL ERROR: v8::Object::SetIndexedPropertiesToExternalArrayData() length exceeds max acceptable value.

I believe this is due to the fact that we don't actually copy the residual data into the data buffer before reading it, so when we go to create the new frame buffer, we are using the result of binary.readI32(data, 0). Because the residual data isn't there, we create an overly large int and cause the crash.

I'm seeing this bug in node-thrift 0.9.0, but the bug seems like it would still exist in the latest version. I'm also using node 0.6.17.

This looks like it could be related to https://issues.apache.org/jira/browse/THRIFT-1754, but I haven't looked into that too much.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

THRIFT-2194.patch
18/Sep/13 22:19
0.4 kB
Justin Gallardo

Activity

People

Assignee:: Unassigned

Reporter:: Justin Gallardo

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 18/Sep/13 22:18

Updated:: 27/Jun/14 21:00

Resolved:: 13/Dec/13 23:41