mhlakhani opened a new pull request, #3287: URL: https://github.com/apache/thrift/pull/3287
Java had TConfiguration.recursionLimit (default 64) and TProtocolException.DEPTH_LIMIT defined but the limit was not actually enforced during struct deserialization. This brings Java in line with C++ which already enforces recursion limits. Changes: - Add recursionDepth_ counter and increment/decrement methods to TProtocol - Modify Java code generator to emit try-finally depth tracking in generate_standard_reader() and generate_java_struct_tuple_reader() Structures exceeding the configured recursion limit now throw TProtocolException(DEPTH_LIMIT) during deserialization. - [x] Did you create an [Apache Jira](https://issues.apache.org/jira/projects/THRIFT/issues/) ticket? ([Request account here](https://selfserve.apache.org/jira-account.html), not required for trivial changes) - [x] If a ticket exists: Does your pull request title follow the pattern "THRIFT-NNNN: describe my issue"? - [x] Did you squash your changes to a single commit? (not required, but preferred) - [x] Did you do your best to avoid breaking changes? If one was needed, did you label the Jira ticket with "Breaking-Change"? - [x] If your change does not involve any code, include `[skip ci]` anywhere in the commit message to free up build resources. <!-- The Contributing Guide at: https://github.com/apache/thrift/blob/master/CONTRIBUTING.md has more details and tips for committing properly. --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
