This is an automated email from the ASF dual-hosted git repository.

achennaka pushed a commit to branch branch-1.18.x
in repository https://gitbox.apache.org/repos/asf/kudu.git


The following commit(s) were added to refs/heads/branch-1.18.x by this push:
     new bfffad941 [thirdparty] KUDU-3626: Upgrade Apache Thrift to version 
0.21.0
bfffad941 is described below

commit bfffad941cdff33a8bbfd337a5a72a3eeacdfc2c
Author: Abhishek Chennaka <achenn...@apache.org>
AuthorDate: Tue Dec 3 12:24:07 2024 -0800

    [thirdparty] KUDU-3626: Upgrade Apache Thrift to version 0.21.0
    
    To address CVEs like CVE-2018-1320, CVE-2019-0210 and CVE-2019-0205
    in the current Apache Thrift version 0.11.0 we are upgrading to version
    0.21.0. We initally considered using version 0.16.0 as Hive
    uses it. But due to the reported issues[1][2] and no significant
    changes between 0.16.0 and 0.21.0 which can potentially break Kudu we
    think we can upgrade to 0.21.0 directly hence being more future
    proof.
    
    Thanks to Alexey Serbin for valuable inputs for this patch.
    
    [1]https://issues.apache.org/jira/browse/THRIFT-5599
    [2]https://issues.apache.org/jira/browse/THRIFT-5696
    
    Change-Id: I44c85f5d6679895865346118759d8da379cec3d5
    Reviewed-on: http://gerrit.cloudera.org:8080/22159
    Tested-by: Alexey Serbin <ale...@apache.org>
    Reviewed-by: Alexey Serbin <ale...@apache.org>
    (cherry picked from commit f2a6be7a44e3c395c240f982ce7b2a193410cb9b)
    Reviewed-on: http://gerrit.cloudera.org:8080/22168
    Reviewed-by: Abhishek Chennaka <achenn...@cloudera.com>
---
 cmake_modules/FindThrift.cmake           |  4 ++--
 src/kudu/thrift/sasl_client_transport.cc |  2 +-
 src/kudu/thrift/sasl_client_transport.h  |  2 +-
 thirdparty/build-definitions.sh          | 12 ++++++++----
 thirdparty/vars.sh                       |  2 +-
 5 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/cmake_modules/FindThrift.cmake b/cmake_modules/FindThrift.cmake
index 184e95b4a..03ff9b3fd 100644
--- a/cmake_modules/FindThrift.cmake
+++ b/cmake_modules/FindThrift.cmake
@@ -108,8 +108,8 @@ function(THRIFT_GENERATE_CPP SRCS HDRS TGTS)
     list(APPEND ${HDRS} "${THRIFT_H_OUT}")
 
     if(ARG_FB303)
-      list(APPEND ${SRCS} fb303_types.cpp fb303_constants.cpp 
FacebookService.cpp)
-      list(APPEND ${HDRS} fb303_types.h fb303_constants.h FacebookService.h)
+      list(APPEND ${SRCS} fb303_types.cpp FacebookService.cpp)
+      list(APPEND ${HDRS} fb303_types.h FacebookService.h)
     endif()
 
     add_custom_command(
diff --git a/src/kudu/thrift/sasl_client_transport.cc 
b/src/kudu/thrift/sasl_client_transport.cc
index e0d5b4052..edb386a88 100644
--- a/src/kudu/thrift/sasl_client_transport.cc
+++ b/src/kudu/thrift/sasl_client_transport.cc
@@ -125,7 +125,7 @@ SaslClientTransport::SaslClientTransport(string 
service_principal,
   ResetWriteBuf();
 }
 
-bool SaslClientTransport::isOpen() {
+bool SaslClientTransport::isOpen() const {
   return transport_->isOpen();
 }
 
diff --git a/src/kudu/thrift/sasl_client_transport.h 
b/src/kudu/thrift/sasl_client_transport.h
index b5c4dcb15..480f24f25 100644
--- a/src/kudu/thrift/sasl_client_transport.h
+++ b/src/kudu/thrift/sasl_client_transport.h
@@ -87,7 +87,7 @@ class SaslClientTransport
 
   ~SaslClientTransport() override = default;
 
-  bool isOpen() override;
+  bool isOpen() const override;
 
   bool peek() override;
 
diff --git a/thirdparty/build-definitions.sh b/thirdparty/build-definitions.sh
index cdda081b2..42522648d 100644
--- a/thirdparty/build-definitions.sh
+++ b/thirdparty/build-definitions.sh
@@ -984,26 +984,30 @@ build_thrift() {
   # Configure for a very minimal install - only the C++ client libraries are 
needed.
   # Thrift requires C++11 when compiled on Linux against libc++ (see 
cxxfunctional.h).
   CFLAGS="$EXTRA_CFLAGS" \
-    CXXFLAGS="$EXTRA_CXXFLAGS -std=c++11" \
+    CFLAGS="$EXTRA_CFLAGS -fPIC" \
+    CXXFLAGS="$EXTRA_CXXFLAGS -fPIC -std=c++17" \
     LDFLAGS="$EXTRA_LDFLAGS" \
     LIBS="$EXTRA_LIBS" \
     cmake \
     -DBOOST_ROOT=$PREFIX \
+    -DBUILD_AS3=OFF \
     -DBUILD_C_GLIB=OFF \
     -DBUILD_COMPILER=ON \
     -DBUILD_CPP=ON \
-    -DBUILD_EXAMPLES=OFF \
-    -DBUILD_HASKELL=OFF \
     -DBUILD_JAVA=OFF \
+    -DBUILD_JAVASCRIPT=OFF \
+    -DBUILD_NODEJS=OFF \
     -DBUILD_PYTHON=OFF \
+    -DBUILD_SHARED_LIBS=OFF \
     -DBUILD_TESTING=OFF \
     -DBUILD_TUTORIALS=OFF \
     -DCMAKE_BUILD_TYPE=Release \
     -DCMAKE_INSTALL_PREFIX=$PREFIX \
-    -DWITH_BOOSTTHREADS=OFF \
     -DWITH_LIBEVENT=OFF \
     -DWITH_OPENSSL=OFF \
     -DWITH_PLUGIN=OFF \
+    -DWITH_QT5=OFF \
+    -DWITH_ZLIB=OFF \
     $EXTRA_CMAKE_FLAGS \
     $THRIFT_SOURCE
 
diff --git a/thirdparty/vars.sh b/thirdparty/vars.sh
index 0a4078f76..67b961a90 100644
--- a/thirdparty/vars.sh
+++ b/thirdparty/vars.sh
@@ -191,7 +191,7 @@ SPARSEPP_VERSION=1.22
 SPARSEPP_NAME=sparsepp-$SPARSEPP_VERSION
 SPARSEPP_SOURCE=$TP_SOURCE_DIR/$SPARSEPP_NAME
 
-THRIFT_VERSION=0.11.0
+THRIFT_VERSION=0.21.0
 THRIFT_NAME=thrift-$THRIFT_VERSION
 THRIFT_SOURCE=$TP_SOURCE_DIR/$THRIFT_NAME
 

Reply via email to