Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-3930

C++ JSON protocol gets unresponsive when feed with invalid data

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 0.9.3
    • Fix Version/s: None
    • Component/s: C++ - Library
    • Labels:
    • Environment:

      Linux armv7

      Description

      When I send invalid data to service via TJSONProtocol it gets unresponsive until all the data is processed.

      When I send for example the following string via POST:
      [1,"0123456789",1,0,{"1":{"str":"0123456789"}}]0123456789"

      The server responds with:
      {{[1,"0123456789",3,0,{"1":

      {"str":"Invalid method name: '0123456789'"}

      ,"2":{"i32":1}}]}}

      On the server side I get messages like:
      Thrift: Fri Jan 1 00:10:52 2010 TConnectedClient protocol exception: Expected '['; got '6'.
      This messages keep coming long after the response was already received.

      If multiple requests like the ones above are made the server is blocked for a long time doing nothing but printing the above mentioned messages.
      This allows to easily do denial of service towards the server.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jking3 James E. King III
                Reporter:
                pascal.bach Pascal Bach
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: