Joe McDonnell has posted comments on this change. ( http://gerrit.cloudera.org:8080/9601 )
Change subject: KUDU-2305: Limit sidecars to INT_MAX and fortify socket code ...................................................................... Patch Set 2: (1 comment) http://gerrit.cloudera.org:8080/#/c/9601/2/src/kudu/rpc/outbound_call.cc File src/kudu/rpc/outbound_call.cc: http://gerrit.cloudera.org:8080/#/c/9601/2/src/kudu/rpc/outbound_call.cc@161 PS2, Line 161: // SerializeMessage() takes the additional_size as an int32_t. Protect against : // any overflow. : CHECK_LE(sidecar_byte_size_, std::numeric_limits<int32_t>::max()); > I still find the type mismatch a bit confusing. In the abstract, using int32_t can make the compiler detect problems. Compilers can easily tell when a large type is being coerced to a smaller type. With appropriate warnings, a caller using an invalid conversion is a compile issue that forces them to think about the appropriate data types. With an int64_t argument, the only checks would happen at runtime and only if you have a test case that hits it. Now, in practice, the warnings either aren't enabled or didn't detect this. We already know that callers aren't going to exceed INT_MAX anyway, so I don't have a very strong preference here. Do Kudu reviewers have a strong preference? -- To view, visit http://gerrit.cloudera.org:8080/9601 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I2d041e214b15d9c22b810588643798e2b3bc5c24 Gerrit-Change-Number: 9601 Gerrit-PatchSet: 2 Gerrit-Owner: Joe McDonnell <[email protected]> Gerrit-Reviewer: Joe McDonnell <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Michael Ho <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Wed, 14 Mar 2018 22:49:59 +0000 Gerrit-HasComments: Yes
