- Type: Bug
- Status: Open
- Priority: Major
- Resolution: Unresolved
- Affects Version/s: 0.10.0
- Fix Version/s: None
- Component/s: C++ - Library
- Labels:
- Environment: All
Currently there is widespread use of `assert` in the Thrift C++ runtime library. Some of the more disturbing cases are security related, for example checking header sizes. I recommend we eliminate assertions that are only checked in debug mode, and instead throw the appropriate exception, usually a `TTransportException` with `CORRUPTED_DATA` as the reason. If we're going to check for an overflow or a buffer overrun, we should do so in debug and release modes. Further, assertions are not easily tested, whereas exceptions are.
In THRIFT-3873 `apache::thrift::transport::safe_numeric_cast` was added, so I also suggest changing `static_cast` to `safe_numeric_cast` where appropriate throughout the transport code to catch any overflow errors.
Another location where `assert` is used liberally is inside the POSIX Mutex implementation.
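The failure mode the report describes, as an added example that is not part of this issue or of Thrift's own code: a frame-length check written with `assert` disappears when `NDEBUG` is defined (the usual release configuration), while the same check written as a `TTransportException` with `CORRUPTED_DATA` is present in every build and can be driven by a unit test. The `TTransportException` class, the `fitsIn`/`safeNumericCast` helpers and the `throwsCorruptedData` test helper below are stand-ins written for this example with a hypothetical layout, not the library's definitions; the frame header bytes are constructed.

```cpp
// Added example, not Thrift's code: debug-only assert check beside the
// release-safe throwing check, plus a throwing numeric cast in the spirit
// of safe_numeric_cast. Everything here is a self-contained stand-in.
#include <cassert>
#include <cstdint>
#include <limits>
#include <stdexcept>
#include <string>
#include <type_traits>
#include <vector>

// Minimal stand-in for TTransportException; only CORRUPTED_DATA is modelled
// and the enum layout is hypothetical.
class TTransportException : public std::runtime_error {
public:
  enum Type { UNKNOWN, CORRUPTED_DATA };
  TTransportException(Type t, const std::string& msg) : std::runtime_error(msg), type_(t) {}
  Type getType() const { return type_; }
private:
  Type type_;
};

// True when assert() is compiled in. Release builds define NDEBUG, which turns
// every assert() below into a no-op, taking the bounds check with it.
bool assertChecksCompiledIn() {
#ifdef NDEBUG
  return false;
#else
  return true;
#endif
}

// Big-endian 32-bit frame length, as a framed transport reads it off the wire.
uint32_t readBE32(const std::vector<uint8_t>& buf) {
  return (uint32_t(buf[0]) << 24) | (uint32_t(buf[1]) << 16) |
         (uint32_t(buf[2]) << 8) | uint32_t(buf[3]);
}

// "Before": validation that exists only in debug builds. With NDEBUG both
// asserts vanish and a peer-controlled length is returned unchecked.
uint32_t parseFrameLengthAssert(const std::vector<uint8_t>& buf, uint32_t maxFrameSize) {
  assert(buf.size() >= 4 && "frame header too short");
  uint32_t len = readBE32(buf);
  assert(len <= maxFrameSize && "frame exceeds configured maximum");
  return len;
}

// "After": the same validation as a CORRUPTED_DATA exception, present in
// every build configuration and testable like any other error path.
uint32_t parseFrameLengthChecked(const std::vector<uint8_t>& buf, uint32_t maxFrameSize) {
  if (buf.size() < 4)
    throw TTransportException(TTransportException::CORRUPTED_DATA, "frame header too short");
  uint32_t len = readBE32(buf);
  if (len > maxFrameSize)
    throw TTransportException(TTransportException::CORRUPTED_DATA, "frame exceeds configured maximum");
  return len;
}

// Does integer value v fit in integer type To without wrapping or sign change?
template <typename To, typename From>
bool fitsIn(From v) {
  static_assert(std::is_integral<To>::value && std::is_integral<From>::value, "integers only");
  if (std::is_signed<From>::value && v < From(0)) {
    // Negative source values need a signed target with a low enough minimum.
    return std::is_signed<To>::value &&
           static_cast<intmax_t>(v) >= static_cast<intmax_t>(std::numeric_limits<To>::min());
  }
  // Non-negative source values: compare against the target maximum, unsigned.
  return static_cast<uintmax_t>(v) <= static_cast<uintmax_t>(std::numeric_limits<To>::max());
}

// Throwing replacement for static_cast on sizes taken from the wire. Written
// from scratch here; it mirrors the intent, not the code, of safe_numeric_cast.
template <typename To, typename From>
To safeNumericCast(From v) {
  if (!fitsIn<To>(v))
    throw TTransportException(TTransportException::CORRUPTED_DATA, "numeric value out of range");
  return static_cast<To>(v);
}

// Test helper: true when f() throws TTransportException with CORRUPTED_DATA.
template <typename F>
bool throwsCorruptedData(F f) {
  try {
    f();
  } catch (const TTransportException& e) {
    return e.getType() == TTransportException::CORRUPTED_DATA;
  }
  return false;
}

int main() {
  // Constructed header claiming a 0x7FFFFFFF-byte frame against a 16 MiB limit.
  std::vector<uint8_t> oversized = {0x7F, 0xFF, 0xFF, 0xFF};
  // Rejected in debug and release builds alike.
  bool rejected = throwsCorruptedData([&] { parseFrameLengthChecked(oversized, 16u * 1024 * 1024); });
  return rejected ? 0 : 1;
}
```

Compile the same file once with and without `-DNDEBUG`: `assertChecksCompiledIn()` flips, and with it the protection offered by `parseFrameLengthAssert`, while `parseFrameLengthChecked` behaves identically in both builds.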
- relates to
  - THRIFT-3873 Fix various build warnings when using Visual Studio (Closed)
  - THRIFT-4730 Remove pthread and boost::thread library support and use std::thread for C++11 (Closed)
- links to