Pascal Bach created THRIFT-3930:
-----------------------------------
Summary: C++ JSON protocol gets unresponsive when feed with
invalid data
Key: THRIFT-3930
URL: https://issues.apache.org/jira/browse/THRIFT-3930
Project: Thrift
Issue Type: Bug
Components: C++ - Library
Affects Versions: 0.9.3
Environment: Linux armv7
Reporter: Pascal Bach
When I send invalid data to service via TJSONProtocol it gets unresponsive
until all the data is processed.
When I send for example the following string via POST:
{{[1,"0123456789",1,0,{"1":{"str":"0123456789"}}]0123456789"}}
The server responds with:
{{[1,"0123456789",3,0,{"1":{"str":"Invalid method name:
'0123456789'"},"2":{"i32":1}}]}}
On the server side I get messages like:
{{Thrift: Fri Jan 1 00:10:52 2010 TConnectedClient protocol exception:
Expected '['; got '6'.}}
This messages keep coming long after the response was already received.
If multiple requests like the ones above are made the server is blocked for a
long time doing nothing but printing the above mentioned messages.
This allows to easily do denial of service towards the server.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
