You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Charles (Jira)" <ji...@apache.org> on 2020/04/07 08:07:00 UTC

[jira] [Created] (MESOS-10110) libprocess: check protobuf (de)serialisation success

Charles created MESOS-10110:
-------------------------------

             Summary: libprocess: check protobuf (de)serialisation success
                 Key: MESOS-10110
                 URL: https://issues.apache.org/jira/browse/MESOS-10110
             Project: Mesos
          Issue Type: Bug
          Components: libprocess
            Reporter: Charles


Before the code didn't check at all the return value of
 {{Message::SerializeToString}}, which can fail for various reasons,
 e.g. out-of-memory, message too large, or invalid UTF-8 string.
 Also, the way deserialisation was checked for error using
 {{Message::IsInitialized}} doesn't detect errors such as the above,
 we need to check {{Message::ParseFromString}} return value.

{{}}

We noticed this at work because our custom executor had a bug causing it to send invalid/non-UTF8 {{mesos.TaskID}}, but it was successfully serialised by the executor (driver), and deserialised by the framework, which was blowing it to blow up at later point far from the original source of the problem.

More generally we want to catch such invalid messages - which can happen for a variety of reasons - as early as possible.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)