[
https://issues.apache.org/jira/browse/THRIFT-1328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy Schlaikjer updated THRIFT-1328:
------------------------------------
Patch Info: [Patch Available]
> TBaseHelper.toString(...) appends ByteBuffer data outside of valid buffer
> range
> -------------------------------------------------------------------------------
>
> Key: THRIFT-1328
> URL: https://issues.apache.org/jira/browse/THRIFT-1328
> Project: Thrift
> Issue Type: Bug
> Components: Java - Library
> Affects Versions: 0.5
> Environment: Java 1.6, Mac OSX 10.6.8 64-bit
> Reporter: Andy Schlaikjer
> Attachments: fix-bytebuffer-access.patch
>
>
> I have a Thrift struct T which declares a binary field f3 after two other
> fields f1 and f2. After successful deserialization of a T instance, f3
> references a ByteBuffer which wraps the raw byte[] containing all T instance
> data and has position and limit set to scope reads to valid f3 bytes. This is
> great because it means less copying of raw byte[] data.
> However, TBaseHelper.toString(ByteBuffer bb, StringBuilder sb) uses
> Buffer.array() and Buffer.arrayOffset() to read f3 data, causing it to append
> bytes to sb which lie outside f3's valid range in the backing byte[].
> It seems like this logic is also present in latest version of TBaseHelper:
> http://svn.apache.org/viewvc/thrift/trunk/lib/java/src/org/apache/thrift/TBaseHelper.java?revision=1038833&view=markup#l223
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
