You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by te...@apache.org on 2014/06/17 18:03:45 UTC
git commit: HBASE-11052 Sending random data crashes thrift service
Repository: hbase
Updated Branches:
refs/heads/master e476947d3 -> 1324a3cb1
HBASE-11052 Sending random data crashes thrift service
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/1324a3cb
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/1324a3cb
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/1324a3cb
Branch: refs/heads/master
Commit: 1324a3cb1807ee9eaa65deeefca5ee222045bdc3
Parents: e476947
Author: Ted Yu <te...@apache.org>
Authored: Tue Jun 17 16:03:16 2014 +0000
Committer: Ted Yu <te...@apache.org>
Committed: Tue Jun 17 16:03:16 2014 +0000
----------------------------------------------------------------------
.../src/main/resources/hbase-default.xml | 19 +++++++++++++++++++
.../hadoop/hbase/thrift/ThriftServerRunner.java | 4 +++-
.../hadoop/hbase/thrift2/ThriftServer.java | 7 ++++---
3 files changed, 26 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/1324a3cb/hbase-common/src/main/resources/hbase-default.xml
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/resources/hbase-default.xml b/hbase-common/src/main/resources/hbase-default.xml
index 42ff032..d80beb3 100644
--- a/hbase-common/src/main/resources/hbase-default.xml
+++ b/hbase-common/src/main/resources/hbase-default.xml
@@ -953,6 +953,25 @@ possible configurations would overwhelm and obscure the important.
</description>
</property>
<property>
+ <name>hbase.regionserver.thrift.framed</name>
+ <value>false</value>
+ <description>Use Thrift TFramedTransport on the server side.
+ This is the recommended transport for thrift servers and requires a similar setting
+ on the client side. Changing this to false will select the default transport,
+ vulnerable to DoS when malformed requests are issued due to THRIFT-601.
+ </description>
+ </property>
+ <property>
+ <name>hbase.regionserver.thrift.framed.max_frame_size_in_mb</name>
+ <value>2</value>
+ <description>Default frame size when using framed transport</description>
+ </property>
+ <property>
+ <name>hbase.regionserver.thrift.compact</name>
+ <value>false</value>
+ <description>Use Thrift TCompactProtocol binary serialization protocol.</description>
+ </property>
+ <property>
<name>hbase.offheapcache.percentage</name>
<value>0</value>
<description>The percentage of the off heap space (-XX:MaxDirectMemorySize) to be
http://git-wip-us.apache.org/repos/asf/hbase/blob/1324a3cb/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java
----------------------------------------------------------------------
diff --git a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java
index 67fda02..4ddb6f8 100644
--- a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java
+++ b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java
@@ -118,6 +118,7 @@ public class ThriftServerRunner implements Runnable {
static final String BIND_CONF_KEY = "hbase.regionserver.thrift.ipaddress";
static final String COMPACT_CONF_KEY = "hbase.regionserver.thrift.compact";
static final String FRAMED_CONF_KEY = "hbase.regionserver.thrift.framed";
+ static final String MAX_FRAME_SIZE_CONF_KEY = "hbase.regionserver.thrift.framed.max_frame_size_in_mb";
static final String PORT_CONF_KEY = "hbase.regionserver.thrift.port";
static final String COALESCE_INC_KEY = "hbase.regionserver.thrift.coalesceIncrement";
@@ -283,7 +284,8 @@ public class ThriftServerRunner implements Runnable {
// Construct correct TransportFactory
TTransportFactory transportFactory;
if (conf.getBoolean(FRAMED_CONF_KEY, false) || implType.isAlwaysFramed) {
- transportFactory = new TFramedTransport.Factory();
+ transportFactory = new TFramedTransport.Factory(
+ conf.getInt(MAX_FRAME_SIZE_CONF_KEY, 2) * 1024 * 1024);
LOG.debug("Using framed transport");
} else {
transportFactory = new TTransportFactory();
http://git-wip-us.apache.org/repos/asf/hbase/blob/1324a3cb/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift2/ThriftServer.java
----------------------------------------------------------------------
diff --git a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift2/ThriftServer.java b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift2/ThriftServer.java
index 3208488..fb76465 100644
--- a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift2/ThriftServer.java
+++ b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift2/ThriftServer.java
@@ -125,10 +125,10 @@ public class ThriftServer {
}
}
- private static TTransportFactory getTTransportFactory(boolean framed) {
+ private static TTransportFactory getTTransportFactory(boolean framed, int frameSize) {
if (framed) {
log.debug("Using framed transport");
- return new TFramedTransport.Factory();
+ return new TFramedTransport.Factory(frameSize);
} else {
return new TTransportFactory();
}
@@ -274,7 +274,8 @@ public class ThriftServer {
boolean framed = cmd.hasOption("framed") ||
conf.getBoolean("hbase.regionserver.thrift.framed", false) || nonblocking || hsha;
- TTransportFactory transportFactory = getTTransportFactory(framed);
+ TTransportFactory transportFactory = getTTransportFactory(framed,
+ conf.getInt("hbase.regionserver.thrift.framed.max_frame_size_in_mb", 2) * 1024 * 1024);
InetSocketAddress inetSocketAddress = bindToPort(cmd.getOptionValue("bind"), listenPort);
conf.setBoolean("hbase.regionserver.thrift.framed", framed);