Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-2194

Node: Not actually prepending residual data in TFramedTransport.receiver

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.9
    • 0.9.2
    • Node.js - Library
    • None
    • Patch Available

    Description

      I am seeing an issue where we are creating a Buffer of larger than 1GB so v8 crashes with a fatal exception:
      FATAL ERROR: v8::Object::SetIndexedPropertiesToExternalArrayData() length exceeds max acceptable value.

      I believe this is due to the fact that we don't actually copy the residual data into the data buffer before reading it, so when we go to create the new frame buffer, we are using the result of binary.readI32(data, 0). Because the residual data isn't there, we create an overly large int and cause the crash.

      I'm seeing this bug in node-thrift 0.9.0, but the bug seems like it would still exist in the latest version. I'm also using node 0.6.17.

      This looks like it could be related to https://issues.apache.org/jira/browse/THRIFT-1754, but I haven't looked into that too much.

      Attachments

        1. THRIFT-2194.patch
          0.4 kB
          Justin Gallardo

        Activity

          People

            Unassigned Unassigned
            jirwin Justin Gallardo
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: