ferrirW opened a new pull request #2533: URL: https://github.com/apache/thrift/pull/2533
<!-- Explain the changes in the pull request below: --> We encountered a problem that caused the CPU to fill up (24 thread, 40 core), it seems to be due to the readBufferBytesAllocated not being properly calculated and the frameSize is large. So i think that even if the variable is correctly evaluated, it is necessary to add a separate parameter limit to the frameSize, rather than reusing the maxReadBufferBytes. ps. this large frame should be come from security check detection, also it could be attack 24 core is full  big request caused inifinite loop  <!-- We recommend you review the checklist/tips before submitting a pull request. --> - [ x ] Did you create an [Apache Jira](https://issues.apache.org/jira/projects/THRIFT/issues/) ticket? (not required for trivial changes) - [ x ] If a ticket exists: Does your pull request title follow the pattern "THRIFT-NNNN: describe my issue"? - [ ] Did you squash your changes to a single commit? (not required, but preferred) - [ ] Did you do your best to avoid breaking changes? If one was needed, did you label the Jira ticket with "Breaking-Change"? - [ ] If your change does not involve any code, include `[skip ci]` anywhere in the commit message to free up build resources. <!-- The Contributing Guide at: https://github.com/apache/thrift/blob/master/CONTRIBUTING.md has more details and tips for committing properly. --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
