You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@thrift.apache.org by ro...@apache.org on 2011/12/11 21:07:22 UTC
svn commit: r1213052 - in /thrift/trunk/lib/cpp/src/server:
TNonblockingServer.cpp TNonblockingServer.h
Author: roger
Date: Sun Dec 11 20:07:21 2011
New Revision: 1213052
URL: http://svn.apache.org/viewvc?rev=1213052&view=rev
Log:
THRIFT-1337 support maximum frame size in TNonblockingServer
Patch: Dave Watson
Modified:
thrift/trunk/lib/cpp/src/server/TNonblockingServer.cpp
thrift/trunk/lib/cpp/src/server/TNonblockingServer.h
Modified: thrift/trunk/lib/cpp/src/server/TNonblockingServer.cpp
URL: http://svn.apache.org/viewvc/thrift/trunk/lib/cpp/src/server/TNonblockingServer.cpp?rev=1213052&r1=1213051&r2=1213052&view=diff
==============================================================================
--- thrift/trunk/lib/cpp/src/server/TNonblockingServer.cpp (original)
+++ thrift/trunk/lib/cpp/src/server/TNonblockingServer.cpp Sun Dec 11 20:07:21 2011
@@ -17,6 +17,8 @@
* under the License.
*/
+#define __STDC_FORMAT_MACROS
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -435,7 +437,7 @@ void TNonblockingServer::TConnection::wo
case SOCKET_RECV_FRAMING:
union {
uint8_t buf[sizeof(uint32_t)];
- int32_t size;
+ uint32_t size;
} framing;
// if we've already received some bytes we kept them here
@@ -465,8 +467,14 @@ void TNonblockingServer::TConnection::wo
}
readWant_ = ntohl(framing.size);
- if (static_cast<int>(readWant_) <= 0) {
- GlobalOutput.printf("TConnection:workSocket() Negative frame size %d, remote side not using TFramedTransport?", static_cast<int>(readWant_));
+ if (readWant_ > server_->getMaxFrameSize()) {
+ // Don't allow giant frame sizes. This prevents bad clients from
+ // causing us to try and allocate a giant buffer.
+ GlobalOutput.printf("TNonblockingServer: frame size too large "
+ "(%"PRIu32" > %zu) from client %s. remote side not "
+ "using TFramedTransport?",
+ readWant_, server_->getMaxFrameSize(),
+ tSocket_->getSocketInfo().c_str());
close();
return;
}
Modified: thrift/trunk/lib/cpp/src/server/TNonblockingServer.h
URL: http://svn.apache.org/viewvc/thrift/trunk/lib/cpp/src/server/TNonblockingServer.h?rev=1213052&r1=1213051&r2=1213052&view=diff
==============================================================================
--- thrift/trunk/lib/cpp/src/server/TNonblockingServer.h (original)
+++ thrift/trunk/lib/cpp/src/server/TNonblockingServer.h Sun Dec 11 20:07:21 2011
@@ -121,6 +121,9 @@ class TNonblockingServer : public TServe
/// Default limit on size of idle connection pool
static const size_t CONNECTION_STACK_LIMIT = 1024;
+ /// Default limit on frame size
+ static const int MAX_FRAME_SIZE = 256 * 1024 * 1024;
+
/// Default limit on total number of connected sockets
static const int MAX_CONNECTIONS = INT_MAX;
@@ -190,6 +193,9 @@ class TNonblockingServer : public TServe
/// Limit for number of open connections
size_t maxConnections_;
+ /// Limit for frame size
+ size_t maxFrameSize_;
+
/// Time in milliseconds before an unperformed task expires (0 == infinite).
int64_t taskExpireTime_;
@@ -271,6 +277,7 @@ class TNonblockingServer : public TServe
connectionStackLimit_ = CONNECTION_STACK_LIMIT;
maxActiveProcessors_ = MAX_ACTIVE_PROCESSORS;
maxConnections_ = MAX_CONNECTIONS;
+ maxFrameSize_ = MAX_FRAME_SIZE;
taskExpireTime_ = 0;
overloadHysteresis_ = 0.8;
overloadAction_ = T_OVERLOAD_NO_ACTION;
@@ -519,6 +526,27 @@ class TNonblockingServer : public TServe
}
/**
+ * Get the maximum allowed frame size.
+ *
+ * If a client tries to send a message larger than this limit,
+ * its connection will be closed.
+ *
+ * @return Maxium frame size, in bytes.
+ */
+ size_t getMaxFrameSize() const {
+ return maxFrameSize_;
+ }
+
+ /**
+ * Set the maximum allowed frame size.
+ *
+ * @param maxFrameSize The new maximum frame size.
+ */
+ void setMaxFrameSize(size_t maxFrameSize) {
+ maxFrameSize_ = maxFrameSize;
+ }
+
+ /**
* Get fraction of maximum limits before an overload condition is cleared.
*
* @return hysteresis fraction