You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "Jens Geyer (Jira)" <ji...@apache.org> on 2020/09/02 06:51:00 UTC

[jira] [Resolved] (THRIFT-5255) Fix stack overflow in framed transport

     [ https://issues.apache.org/jira/browse/THRIFT-5255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jens Geyer resolved THRIFT-5255.
--------------------------------
    Fix Version/s: 0.14.0
       Resolution: Fixed

> Fix stack overflow in framed transport
> --------------------------------------
>
>                 Key: THRIFT-5255
>                 URL: https://issues.apache.org/jira/browse/THRIFT-5255
>             Project: Thrift
>          Issue Type: Bug
>          Components: C glib - Library
>    Affects Versions: 0.13.0
>            Reporter: wangyunjian
>            Assignee: wangyunjian
>            Priority: Blocker
>              Labels: patch
>             Fix For: 0.14.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Alloca() allocates memory on the stack. A stack overflow exception is generated if the space cannot be allocated.
> Use g_new0 instead of g_alloca.
> =================================================================
> ==test_server==130665==ERROR: AddressSanitizer: stack-overflow on address 0x7ffbfe573e98 (pc 0x7f0b0e309147 bp 0x7ffc11174000 sp 0x7ffbfe573ea0 T0)
>     #0 0x7f0b0e309146 in thrift_framed_transport_flush src/thrift/c_glib/transport/thrift_framed_transport.c:235
>     #1 0x7f0b0e2fe874 in thrift_transport_flush src/thrift/c_glib/transport/thrift_transport.c:85
>     #2 0x4299ab in t_test_thrift_test_processor_process_test_string gen-c_glib/t_test_thrift_test.c:5170
>     #3 0x434266 in t_test_thrift_test_processor_dispatch_call gen-c_glib/t_test_thrift_test.c:7179
>     #4 0x7f0b0e2e82f0 in thrift_dispatch_processor_process src/thrift/c_glib/processor/thrift_dispatch_processor.c:56
>     #5 0x7f0b0e30c7d2 in thrift_simple_server_serve src/thrift/c_glib/server/thrift_simple_server.c:58
>     #6 0x7f0b0e30b65b in thrift_server_serve src/thrift/c_glib/server/thrift_server.c:108
>     #7 0x40946c in main src/test_server.c:280
>     #8 0x7f0b0ce28872 in __libc_start_main (/usr/lib64/libc.so.6+0x23872)
>     #9 0x404a6d in _start (/mnt/hgfs/share/thrift-0.13.0/test/c_glib/.libs/test_server+0x404a6d)
> SUMMARY: AddressSanitizer: stack-overflow src/thrift/c_glib/transport/thrift_framed_transport.c:235 in thrift_framed_transport_flush
> ==test_server==130665==ABORTING



--
This message was sent by Atlassian Jira
(v8.3.4#803005)