Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-2194

Node: Not actually prepending residual data in TFramedTransport.receiver

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.9
    • Fix Version/s: 0.9.2
    • Component/s: Node.js - Library
    • Labels:
      None
    • Patch Info:
      Patch Available

      Description

      I am seeing an issue where we are creating a Buffer of larger than 1GB so v8 crashes with a fatal exception:
      FATAL ERROR: v8::Object::SetIndexedPropertiesToExternalArrayData() length exceeds max acceptable value.

      I believe this is due to the fact that we don't actually copy the residual data into the data buffer before reading it, so when we go to create the new frame buffer, we are using the result of binary.readI32(data, 0). Because the residual data isn't there, we create an overly large int and cause the crash.

      I'm seeing this bug in node-thrift 0.9.0, but the bug seems like it would still exist in the latest version. I'm also using node 0.6.17.

      This looks like it could be related to https://issues.apache.org/jira/browse/THRIFT-1754, but I haven't looked into that too much.

        Attachments

        1. THRIFT-2194.patch
          0.4 kB
          Justin Gallardo

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jirwin Justin Gallardo
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: