I found these errors via code review, while evaluating this library and doing some rapid prototyping. I'm not using Thrift in production. However, I would recommend merging at least part changing list_to_atom to list_to_existing_atom, because (if it wasn't obvious) it fixes a pretty bad DOS vulnerability, allowing attacker to take down the entire Erlang VM by filling up atom table.
[ Full content available at: https://github.com/apache/thrift/pull/1585 ] This message was relayed via gitbox.apache.org for [email protected]
