Thrift / THRIFT-2660

Validate the bytes received in TSaslTransport


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.9
    • Fix Version/s: 0.9.2
    • Component/s: Java - Library
    • Labels: None
    • Patch Info: Patch Available

      Description

      In TSaslTransport#receiveSaslMessage, we are doing two things incorrectly:

      • Not validating the status byte code.
      • Not validating the decoded payload size integer before allocating a whole array with it.

      The latter is especially bad when network security software sends a Thrift server port some garbage data, causing it to receive failures like:

      java.lang.OutOfMemoryError: Java heap space
          at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:181)
          at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125)
          at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)

      Or even:

      ERROR org.apache.thrift.server.TThreadPoolServer: Error occurred during processing of message.
      java.lang.NegativeArraySizeException
          at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:181)
          at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125)
          at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)
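      The check the report asks for, as an added example that is not Thrift's own code: a SASL frame is a 1-byte negotiation status followed by a 4-byte big-endian payload length, and both fields are validated before any array is allocated. The status range 1..5 (START through COMPLETE) follows Thrift's SASL framing; MAX_SASL_PAYLOAD and the sample frames are assumptions constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

/** Example header check for a SASL negotiation frame (not Thrift's implementation). */
public final class SaslFrameCheck {
    // Assumed upper bound on a negotiation payload; SASL handshake tokens are small.
    static final int MAX_SASL_PAYLOAD = 64 * 1024;

    /** Reads status + length, rejecting malformed values before the payload array exists. */
    static byte[] readSaslMessage(DataInputStream in) throws IOException {
        int status = in.readUnsignedByte();
        if (status < 1 || status > 5) {          // START=1, OK=2, BAD=3, ERROR=4, COMPLETE=5
            throw new IOException("Invalid SASL status byte: " + status);
        }
        int len = in.readInt();                   // garbage bytes can decode as negative or huge
        if (len < 0 || len > MAX_SASL_PAYLOAD) {
            throw new IOException("Invalid SASL payload length: " + len);
        }
        byte[] payload = new byte[len];           // allocation is now bounded
        in.readFully(payload);                    // EOFException if the peer sent fewer bytes
        return payload;
    }

    public static void main(String[] args) {
        // Constructed frames: a valid START with a 3-byte payload ...
        byte[] good = {0x01, 0, 0, 0, 3, 'a', 'b', 'c'};
        // ... a length field of 0x7FFFFFFF (the OutOfMemoryError case without the check) ...
        byte[] huge = {0x01, 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
        // ... a negative length (the NegativeArraySizeException case) ...
        byte[] negative = {0x02, (byte) 0xFF, 0, 0, 0};
        // ... and an undefined status code.
        byte[] badStatus = {0x09, 0, 0, 0, 1, 'x'};
        for (byte[] frame : new byte[][] {good, huge, negative, badStatus}) {
            try {
                byte[] p = readSaslMessage(new DataInputStream(new ByteArrayInputStream(frame)));
                System.out.println("accepted payload of " + p.length + " bytes");
            } catch (IOException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```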

        Attachments

        1. THRIFT-2660.patch (4 kB, Harsh J)
        2. THRIFT-2660.patch (4 kB, Harsh J)

        People

        • Assignee: Roger Meier (roger)
        • Reporter: Harsh J (qwertymaniac)
        • Votes: 0
        • Watchers: 7
