You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "xiaoqin.fu (JIRA)" <ji...@apache.org> on 2019/08/17 15:33:00 UTC
[jira] [Created] (THRIFT-4928) Sensitive information about expected
and actual reading lengths (len, got) is leaked from TIOStreamTransport to
TTransport through a TTransportException
xiaoqin.fu created THRIFT-4928:
----------------------------------
Summary: Sensitive information about expected and actual reading lengths (len, got) is leaked from TIOStreamTransport to TTransport through a TTransportException
Key: THRIFT-4928
URL: https://issues.apache.org/jira/browse/THRIFT-4928
Project: Thrift
Issue Type: Bug
Components: Java - Library
Affects Versions: 0.12.0, 0.11.0
Environment: Ubuntu 16.04.3 LTS
Open JDK version "1.8.0_191" build 25.191-b12
Reporter: xiaoqin.fu
The source: org.apache.thrift.transport.TIOStreamTransport:
public int read(byte[] buf, int off, int len) throws TTransportException {
if (inputStream_ == null) {
throw new TTransportException(TTransportException.NOT_OPEN, "Cannot read from null inputStream");
}
int bytesRead;
......
bytesRead = inputStream_.read(buf, off, len);
......
}
The sink: org.apache.thrift.transport.TTransport,
public int readAll(byte[] buf, int off, int len)
throws TTransportException {
......
if (ret <= 0) {
throw new TTransportException(
"Cannot read. Remote side has closed. Tried to read "
+ len
+ " bytes, but only got "
+ got
+ " bytes. (This is often indicative of an internal error on the server side. Please check your server logs.)");
}
......
}
Sensitive information about expected and actual reading lengths (len, got) is leaked.
The tainted path:
org.apache.thrift.transport.TIOStreamTransport -->
org.apache.thrift.transport.TTransport
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)