You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "wangyunjian (Jira)" <ji...@apache.org> on 2020/05/29 14:51:00 UTC
[jira] [Updated] (THRIFT-5221) Fix stack overflow when reading
buffer
[ https://issues.apache.org/jira/browse/THRIFT-5221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
wangyunjian updated THRIFT-5221:
--------------------------------
Description:
Alloca() allocates memory on the stack. A stack overflow exception is generated if the space cannot be allocated.
Use g_new0 instead of g_alloca.
=================================================================
==lt-tutorial_client==24186==ERROR: AddressSanitizer: stack-overflow on address 0x7ffdcda0c1e8 (pc 0x7fef1f6eec74 bp 0x7ffdce40c2b0 sp 0x7ffdcda0c1f0 T0)
#0 0x7fef1f6eec73 in thrift_buffered_transport_read_slow src/thrift/c_glib/transport/thrift_buffered_transport.c:82
#1 0x7fef1f6ef2c2 in thrift_buffered_transport_read src/thrift/c_glib/transport/thrift_buffered_transport.c:152
#2 0x7fef1f6e7a08 in thrift_transport_real_read_all src/thrift/c_glib/transport/thrift_transport.c:122
#3 0x7fef1f6e78f1 in thrift_transport_read_all src/thrift/c_glib/transport/thrift_transport.c:92
#4 0x7fef1f6dd2f6 in thrift_binary_protocol_read_string src/thrift/c_glib/protocol/thrift_binary_protocol.c:800
#5 0x7fef1f6d444c in thrift_protocol_read_string src/thrift/c_glib/protocol/thrift_protocol.c:410
#6 0x40cf1c in shared_struct_read gen-c_glib/shared_types.c:91
#7 0x7fef1f6cf865 in thrift_struct_read src/thrift/c_glib/thrift_struct.c:30
#8 0x40ad30 in shared_service_client_recv_get_struct gen-c_glib/shared_service.c:227
#9 0x40b0b9 in shared_service_client_get_struct gen-c_glib/shared_service.c:268
#10 0x402ead in main /mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/c_glib_client.c:163
#11 0x7fef1e212872 in __libc_start_main (/usr/lib64/libc.so.6+0x23872)
#12 0x40269d in _start (/mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/.libs/lt-tutorial_client+0x40269d)
SUMMARY: AddressSanitizer: stack-overflow src/thrift/c_glib/transport/thrift_buffered_transport.c:82 in thrift_buffered_transport_read_slow
==lt-tutorial_client==24186==ABORTING
was:
=================================================================
==lt-tutorial_client==24186==ERROR: AddressSanitizer: stack-overflow on address 0x7ffdcda0c1e8 (pc 0x7fef1f6eec74 bp 0x7ffdce40c2b0 sp 0x7ffdcda0c1f0 T0)
#0 0x7fef1f6eec73 in thrift_buffered_transport_read_slow src/thrift/c_glib/transport/thrift_buffered_transport.c:82
#1 0x7fef1f6ef2c2 in thrift_buffered_transport_read src/thrift/c_glib/transport/thrift_buffered_transport.c:152
#2 0x7fef1f6e7a08 in thrift_transport_real_read_all src/thrift/c_glib/transport/thrift_transport.c:122
#3 0x7fef1f6e78f1 in thrift_transport_read_all src/thrift/c_glib/transport/thrift_transport.c:92
#4 0x7fef1f6dd2f6 in thrift_binary_protocol_read_string src/thrift/c_glib/protocol/thrift_binary_protocol.c:800
#5 0x7fef1f6d444c in thrift_protocol_read_string src/thrift/c_glib/protocol/thrift_protocol.c:410
#6 0x40cf1c in shared_struct_read gen-c_glib/shared_types.c:91
#7 0x7fef1f6cf865 in thrift_struct_read src/thrift/c_glib/thrift_struct.c:30
#8 0x40ad30 in shared_service_client_recv_get_struct gen-c_glib/shared_service.c:227
#9 0x40b0b9 in shared_service_client_get_struct gen-c_glib/shared_service.c:268
#10 0x402ead in main /mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/c_glib_client.c:163
#11 0x7fef1e212872 in __libc_start_main (/usr/lib64/libc.so.6+0x23872)
#12 0x40269d in _start (/mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/.libs/lt-tutorial_client+0x40269d)
SUMMARY: AddressSanitizer: stack-overflow src/thrift/c_glib/transport/thrift_buffered_transport.c:82 in thrift_buffered_transport_read_slow
==lt-tutorial_client==24186==ABORTING
> Fix stack overflow when reading buffer
> --------------------------------------
>
> Key: THRIFT-5221
> URL: https://issues.apache.org/jira/browse/THRIFT-5221
> Project: Thrift
> Issue Type: Bug
> Components: C glib - Library
> Affects Versions: 0.13.0
> Reporter: wangyunjian
> Assignee: wangyunjian
> Priority: Major
>
> Alloca() allocates memory on the stack. A stack overflow exception is generated if the space cannot be allocated.
> Use g_new0 instead of g_alloca.
> =================================================================
> ==lt-tutorial_client==24186==ERROR: AddressSanitizer: stack-overflow on address 0x7ffdcda0c1e8 (pc 0x7fef1f6eec74 bp 0x7ffdce40c2b0 sp 0x7ffdcda0c1f0 T0)
> #0 0x7fef1f6eec73 in thrift_buffered_transport_read_slow src/thrift/c_glib/transport/thrift_buffered_transport.c:82
> #1 0x7fef1f6ef2c2 in thrift_buffered_transport_read src/thrift/c_glib/transport/thrift_buffered_transport.c:152
> #2 0x7fef1f6e7a08 in thrift_transport_real_read_all src/thrift/c_glib/transport/thrift_transport.c:122
> #3 0x7fef1f6e78f1 in thrift_transport_read_all src/thrift/c_glib/transport/thrift_transport.c:92
> #4 0x7fef1f6dd2f6 in thrift_binary_protocol_read_string src/thrift/c_glib/protocol/thrift_binary_protocol.c:800
> #5 0x7fef1f6d444c in thrift_protocol_read_string src/thrift/c_glib/protocol/thrift_protocol.c:410
> #6 0x40cf1c in shared_struct_read gen-c_glib/shared_types.c:91
> #7 0x7fef1f6cf865 in thrift_struct_read src/thrift/c_glib/thrift_struct.c:30
> #8 0x40ad30 in shared_service_client_recv_get_struct gen-c_glib/shared_service.c:227
> #9 0x40b0b9 in shared_service_client_get_struct gen-c_glib/shared_service.c:268
> #10 0x402ead in main /mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/c_glib_client.c:163
> #11 0x7fef1e212872 in __libc_start_main (/usr/lib64/libc.so.6+0x23872)
> #12 0x40269d in _start (/mnt/hgfs/share/thrift-0.13.0/tutorial/c_glib/.libs/lt-tutorial_client+0x40269d)
> SUMMARY: AddressSanitizer: stack-overflow src/thrift/c_glib/transport/thrift_buffered_transport.c:82 in thrift_buffered_transport_read_slow
> ==lt-tutorial_client==24186==ABORTING
--
This message was sent by Atlassian Jira
(v8.3.4#803005)