Re: ant -Drelease=true publish failed

2017-10-20 Thread Robert Lu 
Hi,

I noticed that the java library is used ant. and Maven Ant Tasks is retired.
So, I start to work for migrating to maven.

On Wed, Oct 18, 2017 at 8:09 AM, Jake Farrell  wrote:

> Looks like the gpg-plugin version might be failing due to needing a
> specific version of maven 'org.apache.maven.plugins:maven-gpg-plugin':
> Plugin requires Maven version 2.2.1 where you are currently running 3.5.0.
> Have you tried building with Maven 2.2.1?
>
> -Jake
>
> On Mon, Oct 16, 2017 at 2:41 AM, Robert Lu  wrote:
>
> > Hi,
> >
> > I read the build.xml at
> > https://github.com/apache/thrift/blob/8b8a8efea13d1c97f856053af0a5c0
> > e6a8a76354/lib/java/build.xml#L416-L419
> >
> > I want to know why use signAndDeploy for pom file. So I run:
> > ant -Drelease=true publish
> >
> > at thrift/lib/java
> >
> > But, it's failed:
> >
> > publish:
> > [artifact:mvn] [INFO] Scanning for projects...
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [ERROR] BUILD ERROR
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Error resolving version for
> > 'org.apache.maven.plugins:maven-gpg-plugin': Plugin requires Maven
> version
> > 2.2.1
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] For more information, run Maven with the -e switch
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Total time: < 1 second
> > [artifact:mvn] [INFO] Finished at: Mon Oct 16 14:38:56 CST 2017
> > [artifact:mvn] [INFO] Final Memory: 5M/245M
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] Java Result: 1
> > [artifact:mvn] [INFO] Scanning for projects...
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [ERROR] BUILD ERROR
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Error resolving version for
> > 'org.apache.maven.plugins:maven-gpg-plugin': Plugin requires Maven
> version
> > 2.2.1
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] For more information, run Maven with the -e switch
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Total time: < 1 second
> > [artifact:mvn] [INFO] Finished at: Mon Oct 16 14:38:57 CST 2017
> > [artifact:mvn] [INFO] Final Memory: 5M/245M
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] Java Result: 1
> > [artifact:mvn] [INFO] Scanning for projects...
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [ERROR] BUILD ERROR
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Error resolving version for
> > 'org.apache.maven.plugins:maven-gpg-plugin': Plugin requires Maven
> version
> > 2.2.1
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] For more information, run Maven with the -e switch
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Total time: < 1 second
> > [artifact:mvn] [INFO] Finished at: Mon Oct 16 14:38:58 CST 2017
> > [artifact:mvn] [INFO] Final Memory: 5M/245M
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] Java Result: 1
> > [artifact:mvn] [INFO] Scanning for projects...
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [ERROR] BUILD ERROR
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Error resolving version for
> > 'org.apache.maven.plugins:maven-gpg-plugin': Plugin requires Maven
> version
> > 2.2.1
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] For more information, run Maven with the -e switch
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] [INFO] Total time: < 1 second
> > [artifact:mvn] [INFO] Finished at: Mon Oct 16 14:38:58 CST 2017
> > [artifact:mvn] [INFO] Final Memory: 5M/245M
> > [artifact:mvn] [INFO]
> > 
> > [artifact:mvn] Java Result: 1
> >
> >

[GitHub] thrift issue #1391: Fix segment fault at thrift_protocol extension

2017-10-20 Thread jeking3 
Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1391
  
I saw cross test pass before, so I think we're good.


---

[jira] [Commented] (THRIFT-2913) Ruby Server Thrift::ThreadPoolServer should serve inside a thread

2017-10-20 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-2913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16213713#comment-16213713
 ] 

ASF GitHub Bot commented on THRIFT-2913:


Github user RobberPhex commented on the issue:

https://github.com/apache/thrift/pull/1391
  
build job 4 failed due to https://issues.apache.org/jira/browse/THRIFT-2913.

And, appveyor build queued.
but, same commit at my repo CI is success: 
https://ci.appveyor.com/project/RobberPhex/thrift/build/1.0.0-dev.58


> Ruby Server Thrift::ThreadPoolServer should serve inside a thread
> -
>
> Key: THRIFT-2913
> URL: https://issues.apache.org/jira/browse/THRIFT-2913
> Project: Thrift
>  Issue Type: Bug
>  Components: Ruby - Library
>Affects Versions: 0.9.3, 0.10.0
> Environment: openSUSE 13.2, Ruby 2.1.0
> also in docker ubuntu-xenial image, per CI build job failure
>Reporter: Jens Geyer
> Attachments: full-error-message.txt
>
>
> make all fails with:
> {code}
> Server Thrift::ThreadPoolServer should serve inside a thread
>  Failure/Error: Unable to find matching line from backtrace
>(#).serve(any args)
>expected: 1 time
>received: 0 times
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift issue #1391: Fix segment fault at thrift_protocol extension

2017-10-20 Thread RobberPhex 
Github user RobberPhex commented on the issue:

https://github.com/apache/thrift/pull/1391
  
build job 4 failed due to https://issues.apache.org/jira/browse/THRIFT-2913.

And, appveyor build queued.
but, same commit at my repo CI is success: 
https://ci.appveyor.com/project/RobberPhex/thrift/build/1.0.0-dev.58


---

[jira] [Commented] (THRIFT-2913) Ruby Server Thrift::ThreadPoolServer should serve inside a thread

2017-10-20 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-2913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212701#comment-16212701
 ] 

ASF GitHub Bot commented on THRIFT-2913:


Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1391
  
UBsan build failed due to https://issues.apache.org/jira/browse/THRIFT-2913.


> Ruby Server Thrift::ThreadPoolServer should serve inside a thread
> -
>
> Key: THRIFT-2913
> URL: https://issues.apache.org/jira/browse/THRIFT-2913
> Project: Thrift
>  Issue Type: Bug
>  Components: Ruby - Library
>Affects Versions: 0.9.3, 0.10.0
> Environment: openSUSE 13.2, Ruby 2.1.0
> also in docker ubuntu-xenial image, per CI build job failure
>Reporter: Jens Geyer
> Attachments: full-error-message.txt
>
>
> make all fails with:
> {code}
> Server Thrift::ThreadPoolServer should serve inside a thread
>  Failure/Error: Unable to find matching line from backtrace
>(#).serve(any args)
>expected: 1 time
>received: 0 times
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift issue #1391: Fix segment fault at thrift_protocol extension

2017-10-20 Thread jeking3 
Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1391
  
UBsan build failed due to https://issues.apache.org/jira/browse/THRIFT-2913.


---

[jira] [Commented] (THRIFT-4356) thrift_protocol call Transport cause Segmentation fault

2017-10-20 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-4356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212658#comment-16212658
 ] 

ASF GitHub Bot commented on THRIFT-4356:


Github user RobberPhex commented on the issue:

https://github.com/apache/thrift/pull/1391
  
this pr fix 
[`THRIFT-4356`](https://issues.apache.org/jira/browse/THRIFT-4356) and 
[`THRIFT-4353`](https://issues.apache.org/jira/browse/THRIFT-4353).

---

And, this work is besed `董菲 `'s work. so I just 
squashed commits by author(not all-in-one commit).


> thrift_protocol call Transport cause Segmentation fault
> ---
>
> Key: THRIFT-4356
> URL: https://issues.apache.org/jira/browse/THRIFT-4356
> Project: Thrift
>  Issue Type: Bug
>  Components: PHP - Library
>Affects Versions: 0.9.3, 0.10.0
> Environment: PHP 7.0.23 (cli) (built: Sep 25 2017 08:07:30) ( NTS )
> macOS 10.13.1 Beta (17B25c)
>Reporter: Robert Lu
>Assignee: Robert Lu
>Priority: Critical
>
> When thrift_protocol extension try to read or write some bytes, if there is 
> some exception, will cause Segmentation fault



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift issue #1391: Fix segment fault at thrift_protocol extension

2017-10-20 Thread RobberPhex 
Github user RobberPhex commented on the issue:

https://github.com/apache/thrift/pull/1391
  
this pr fix 
[`THRIFT-4356`](https://issues.apache.org/jira/browse/THRIFT-4356) and 
[`THRIFT-4353`](https://issues.apache.org/jira/browse/THRIFT-4353).

---

And, this work is besed `董菲 `'s work. so I just 
squashed commits by author(not all-in-one commit).


---

[GitHub] thrift issue #1391: Fix segment fault at thrift_protocol extension

2017-10-20 Thread jeking3 
Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1391
  
Is this for THRIFT-4353?  Can you squash it?  Rebase it on master to fix 
the CI issues.


---

[jira] [Commented] (THRIFT-4353) cannot read via thrift_protocol at server side

2017-10-20 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-4353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212595#comment-16212595
 ] 

ASF GitHub Bot commented on THRIFT-4353:


Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1391
  
Is this for THRIFT-4353?  Can you squash it?  Rebase it on master to fix 
the CI issues.


> cannot read via thrift_protocol at server side
> --
>
> Key: THRIFT-4353
> URL: https://issues.apache.org/jira/browse/THRIFT-4353
> Project: Thrift
>  Issue Type: Improvement
>  Components: PHP - Library
>Affects Versions: 0.9.3, 0.10.0
> Environment: php7 + macOS
>Reporter: Robert Lu
>Assignee: Robert Lu
>Priority: Minor
>
> When server read message, the processor read the method name, and then server 
> will know the $args type.
> At this time, We cannot use thrift_protocol_read_binary, because message head 
> is already read.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift issue #1392: Fix missing positional argument

2017-10-20 Thread jeking3 
Github user jeking3 commented on the issue:

https://github.com/apache/thrift/pull/1392
  
Please see: https://thrift.apache.org/docs/HowToContribute

This does not have an associated [Thrift 
Jira](https://issues.apache.org/jira/projects/THRIFT) issue and is not properly 
named.

Recommend you fix these issues then rebase against master to resolve some 
of the CI issues.


---

[jira] [Commented] (THRIFT-4365) Perl generated code uses indirect object syntax, which occasionally causes compilation errors.

2017-10-20 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-4365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212576#comment-16212576
 ] 

ASF GitHub Bot commented on THRIFT-4365:


Github user asfgit closed the pull request at:

https://github.com/apache/thrift/pull/1393


> Perl generated code uses indirect object syntax, which occasionally causes 
> compilation errors.
> --
>
> Key: THRIFT-4365
> URL: https://issues.apache.org/jira/browse/THRIFT-4365
> Project: Thrift
>  Issue Type: Bug
>  Components: Perl - Compiler
>Affects Versions: 0.10.0
>Reporter: Finn Isaac Norris Colman
>Assignee: James E. King, III
>  Labels: easyfix
> Fix For: 0.11.0
>
>
> When running the Thrift compiler for Perl the automatically generated code 
> uses "Indirect Object Syntax". So the generated code looks like this:
> {noformat}
> $self->{success} = new contact_types::Response();
> {noformat}
> It should look like this:
> {noformat}
> $self->{success} = contact_types::Response->new();
> {noformat}
> I found in some cases the indirect object syntax can actually cause failures 
> because Perl gets confused and thinks Response is a subroutine, with an error 
> like this:
> {noformat}
> Undefined subroutine _types::Response called at gen-perl/user/Service.pm 
> line 131.
> {noformat}
> If you look in https://perldoc.perl.org/perlobj.html under the "Indirect 
> Object Syntax" heading, you see it says:
> "Outside of the file handle case, use of this syntax is discouraged as it can 
> confuse the Perl interpreter. See below for more details.".
> Fixing this problem should be straight forward. In the 
> https://github.com/apache/thrift/blob/master/compiler/cpp/src/thrift/generate/t_perl_generator.cc
>  it should instead of doing this:
> {noformat}
> out << indent() << "$" << prefix << " = new " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "();" << endl << indent() << "$xfer += $" << 
> prefix
>   << "->read($input);" << endl;
> {noformat}
> Do this:
> {noformat}
> out << indent() << "$" << prefix << " = " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "->new();" << endl << indent() << "$xfer += 
> $" << prefix
>   << "->read($input);" << endl;
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift pull request #1393: THRIFT-4365: Replaced indirect object syntax

2017-10-20 Thread asfgit 
Github user asfgit closed the pull request at:

https://github.com/apache/thrift/pull/1393


---

[jira] [Resolved] (THRIFT-4365) Perl generated code uses indirect object syntax, which occasionally causes compilation errors.

2017-10-20 Thread James E. King, III (JIRA) 

 [ 
https://issues.apache.org/jira/browse/THRIFT-4365?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

James E. King, III resolved THRIFT-4365.

   Resolution: Fixed
Fix Version/s: 0.11.0

Committed - thanks.

> Perl generated code uses indirect object syntax, which occasionally causes 
> compilation errors.
> --
>
> Key: THRIFT-4365
> URL: https://issues.apache.org/jira/browse/THRIFT-4365
> Project: Thrift
>  Issue Type: Bug
>  Components: Perl - Compiler
>Affects Versions: 0.10.0
>Reporter: Finn Isaac Norris Colman
>Assignee: James E. King, III
>  Labels: easyfix
> Fix For: 0.11.0
>
>
> When running the Thrift compiler for Perl the automatically generated code 
> uses "Indirect Object Syntax". So the generated code looks like this:
> {noformat}
> $self->{success} = new contact_types::Response();
> {noformat}
> It should look like this:
> {noformat}
> $self->{success} = contact_types::Response->new();
> {noformat}
> I found in some cases the indirect object syntax can actually cause failures 
> because Perl gets confused and thinks Response is a subroutine, with an error 
> like this:
> {noformat}
> Undefined subroutine _types::Response called at gen-perl/user/Service.pm 
> line 131.
> {noformat}
> If you look in https://perldoc.perl.org/perlobj.html under the "Indirect 
> Object Syntax" heading, you see it says:
> "Outside of the file handle case, use of this syntax is discouraged as it can 
> confuse the Perl interpreter. See below for more details.".
> Fixing this problem should be straight forward. In the 
> https://github.com/apache/thrift/blob/master/compiler/cpp/src/thrift/generate/t_perl_generator.cc
>  it should instead of doing this:
> {noformat}
> out << indent() << "$" << prefix << " = new " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "();" << endl << indent() << "$xfer += $" << 
> prefix
>   << "->read($input);" << endl;
> {noformat}
> Do this:
> {noformat}
> out << indent() << "$" << prefix << " = " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "->new();" << endl << indent() << "$xfer += 
> $" << prefix
>   << "->read($input);" << endl;
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (THRIFT-4365) Perl generated code uses indirect object syntax, which occasionally causes compilation errors.

2017-10-20 Thread James E. King, III (JIRA) 

 [ 
https://issues.apache.org/jira/browse/THRIFT-4365?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

James E. King, III reassigned THRIFT-4365:
--

Assignee: James E. King, III

> Perl generated code uses indirect object syntax, which occasionally causes 
> compilation errors.
> --
>
> Key: THRIFT-4365
> URL: https://issues.apache.org/jira/browse/THRIFT-4365
> Project: Thrift
>  Issue Type: Bug
>  Components: Perl - Compiler
>Affects Versions: 0.10.0
>Reporter: Finn Isaac Norris Colman
>Assignee: James E. King, III
>  Labels: easyfix
>
> When running the Thrift compiler for Perl the automatically generated code 
> uses "Indirect Object Syntax". So the generated code looks like this:
> {noformat}
> $self->{success} = new contact_types::Response();
> {noformat}
> It should look like this:
> {noformat}
> $self->{success} = contact_types::Response->new();
> {noformat}
> I found in some cases the indirect object syntax can actually cause failures 
> because Perl gets confused and thinks Response is a subroutine, with an error 
> like this:
> {noformat}
> Undefined subroutine _types::Response called at gen-perl/user/Service.pm 
> line 131.
> {noformat}
> If you look in https://perldoc.perl.org/perlobj.html under the "Indirect 
> Object Syntax" heading, you see it says:
> "Outside of the file handle case, use of this syntax is discouraged as it can 
> confuse the Perl interpreter. See below for more details.".
> Fixing this problem should be straight forward. In the 
> https://github.com/apache/thrift/blob/master/compiler/cpp/src/thrift/generate/t_perl_generator.cc
>  it should instead of doing this:
> {noformat}
> out << indent() << "$" << prefix << " = new " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "();" << endl << indent() << "$xfer += $" << 
> prefix
>   << "->read($input);" << endl;
> {noformat}
> Do this:
> {noformat}
> out << indent() << "$" << prefix << " = " << 
> perl_namespace(tstruct->get_program())
>   << tstruct->get_name() << "->new();" << endl << indent() << "$xfer += 
> $" << prefix
>   << "->read($input);" << endl;
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (THRIFT-4366) upgrade to 0.10 CPP ,when readMessageBegin coredump

2017-10-20 Thread xiaomingzhongguo (JIRA) 
xiaomingzhongguo created THRIFT-4366:


 Summary: upgrade to 0.10 CPP ,when readMessageBegin coredump 
 Key: THRIFT-4366
 URL: https://issues.apache.org/jira/browse/THRIFT-4366
 Project: Thrift
  Issue Type: Bug
 Environment: thrift 0.10 CPP 
Reporter: xiaomingzhongguo


(gdb) bt
#0  0x7f34d99c85ae in memcpy () from /lib64/libc.so.6
#1  0x0100f9fb in std::basic_string::_M_replace_safe(unsigned long, unsigned long, char 
const*, unsigned long) ()
at 
/data/davy/26lib_source/gcc-4.8.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/char_traits.h:271
#2  0x009cec48 in unsigned int 
apache::thrift::protocol::TBinaryProtocolT::readStringBody >(std::basic_string&, int) () at 
/usr/local/include/thrift/protocol/TBinaryProtocol.tcc:441
#3  0x009ce34f in 
apache::thrift::protocol::TBinaryProtocolT::readMessageBegin(std::basic_string&, 
apache::thrift::protocol::TMessageType&, int&) () at 
/usr/local/include/thrift/protocol/TBinaryProtocol.tcc:223
#4  0x009cd798 in 
apache::thrift::protocol::TVirtualProtocol, 
apache::thrift::protocol::TProtocolDefaults>::readMessageBegin_virt(std::basic_string&, 
apache::thrift::protocol::TMessageType&, int&) () at 
/usr/local/include/thrift/protocol/TVirtualProtocol.h:403
#5  0x009d047c in 
apache::thrift::protocol::TProtocol::readMessageBegin(std::basic_string&, 
apache::thrift::protocol::TMessageType&, int&) ()
at /usr/local/include/thrift/protocol/TProtocol.h:436
#6  0x009d09b9 in 
apache::thrift::TDispatchProcessor::process(boost::shared_ptr,
 boost::shared_ptr, void*) ()
at /usr/local/include/thrift/TDispatchProcessor.h:114
#7  0x00ddd96f in apache::thrift::server::TConnectedClient::run() () at 
src/thrift/server/TConnectedClient.cpp:62
#8  0x00dd6ef8 in 
apache::thrift::server::TThreadedServer::TConnectedClientRunner::run() () at 
src/thrift/server/TThreadedServer.cpp:147
#9  0x00dd9891 in 
apache::thrift::concurrency::PthreadThread::threadMain(void*) () at 
src/thrift/concurrency/PosixThreadFactory.cpp:208
#10 0x7f34da66d7f1 in start_thread () from /lib64/libpthread.so.0
#11 0x7f34d9a25ccd in clone () from /lib64/libc.so.6




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Comment Edited] (THRIFT-4362) Missing size-check can lead to huge memory allocation

2017-10-20 Thread Christian Ciach (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-4362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212477#comment-16212477
 ] 

Christian Ciach edited comment on THRIFT-4362 at 10/20/17 10:38 AM:


Do you think I can submit this patch as-is or do you have any suggestions for 
improvement?

Edit: As mentioned, with my patch the size may be checked multiple times. So I 
think it's a good idea to remove the other calls to the size-check method.


was (Author: christianciach):
Do you think I can submit this patch as-is or do you have any suggestions for 
improvement?

> Missing size-check can lead to huge memory allocation
> -
>
> Key: THRIFT-4362
> URL: https://issues.apache.org/jira/browse/THRIFT-4362
> Project: Thrift
>  Issue Type: Bug
>  Components: Java - Library
>Affects Versions: 0.9.3, 0.10.0
>Reporter: Christian Ciach
>Assignee: James E. King, III
> Attachments: check-size.patch
>
>
> In some cases the method 
> {{org.apache.thrift.protocol.TBinaryProtocol.readStringBody(int size)}} gets 
> called with a "size" parameter that has not been validated by the existing 
> method {{checkStringReadLength(int size)}}.
> This is true if the method is called by {{readMessageBegin()}} of the same 
> class. The method {{readString()}} checks the size correctly before calling 
> {{readStringBody(int size)}}.
> Since the methods {{readStringBody(int size)}} and {{readMessageBegin()}} are 
> public, there may be other callers who don't check the size correctly.
> We encountered this issue in production several times. Because of this we are 
> currently using our own patched version of libthrift-0.9.3. The patch is 
> attached, but it is surely not the best solution, because with this patch the 
> size may be checked twice, depending on the caller.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (THRIFT-4362) Missing size-check can lead to huge memory allocation

2017-10-20 Thread Christian Ciach (JIRA) 

[ 
https://issues.apache.org/jira/browse/THRIFT-4362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212477#comment-16212477
 ] 

Christian Ciach commented on THRIFT-4362:
-

Do you think I can submit this patch as-is or do you have any suggestions for 
improvement?

> Missing size-check can lead to huge memory allocation
> -
>
> Key: THRIFT-4362
> URL: https://issues.apache.org/jira/browse/THRIFT-4362
> Project: Thrift
>  Issue Type: Bug
>  Components: Java - Library
>Affects Versions: 0.9.3, 0.10.0
>Reporter: Christian Ciach
>Assignee: James E. King, III
> Attachments: check-size.patch
>
>
> In some cases the method 
> {{org.apache.thrift.protocol.TBinaryProtocol.readStringBody(int size)}} gets 
> called with a "size" parameter that has not been validated by the existing 
> method {{checkStringReadLength(int size)}}.
> This is true if the method is called by {{readMessageBegin()}} of the same 
> class. The method {{readString()}} checks the size correctly before calling 
> {{readStringBody(int size)}}.
> Since the methods {{readStringBody(int size)}} and {{readMessageBegin()}} are 
> public, there may be other callers who don't check the size correctly.
> We encountered this issue in production several times. Because of this we are 
> currently using our own patched version of libthrift-0.9.3. The patch is 
> attached, but it is surely not the best solution, because with this patch the 
> size may be checked twice, depending on the caller.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[GitHub] thrift pull request #1394: minor fixes to tests

2017-10-20 Thread dkochmanski 
Github user dkochmanski closed the pull request at:

https://github.com/apache/thrift/pull/1394


---

[GitHub] thrift issue #1394: minor fixes to tests

2017-10-20 Thread dkochmanski 
Github user dkochmanski commented on the issue:

https://github.com/apache/thrift/pull/1394
  
sorry, wrong PR target.


---

[GitHub] thrift pull request #1394: minor fixes to tests

2017-10-20 Thread dkochmanski 
GitHub user dkochmanski opened a pull request:

https://github.com/apache/thrift/pull/1394

minor fixes to tests



You can merge this pull request into a Git repository by running:

$ git pull https://github.com/TurtleWarePL/thrift develop-jd

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/thrift/pull/1394.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1394


commit b2ff80642f8f55a053b4d9d37f8b66654c8cc5f6
Author: Tomek Kurcz 
Date:   2017-09-19T07:16:43Z

Patch Thrift with de.setf.thrift

commit ee922ebe75c2537898d915d3624f0c935cf2af28
Author: Tomek Kurcz 
Date:   2017-09-19T07:16:56Z

CL generator: fix and integrate it

commit ebfffb4cafe127c917e491d6ed74fd36ac72aa58
Author: Tomek Kurcz 
Date:   2017-09-19T08:42:55Z

Remove non-existent packages and system dependencies

commit dc8a36d07ad57a8eab3aea112062a9e28f152779
Author: Tomek Kurcz 
Date:   2017-09-19T10:05:54Z

Add namespace declarations for CL in tutorial .thrift files

commit 9bf692896f48443ac0faffd668c8e02ce613c5ba
Author: Tomek Kurcz 
Date:   2017-09-19T12:53:39Z

Fix Thrift URIs

commit 1c60bb1206487f125613e4dabba3ddd36d9beef4
Author: Tomek Kurcz 
Date:   2017-09-19T13:20:10Z

Cosmetic: Remove emacs file headers

commit 8251142c6e037b9925efe892aa9d8fb04c3289e9
Author: Tomek Kurcz 
Date:   2017-09-20T10:35:06Z

Fix the handling of Thrift types

The decoder should expect i32 when the field type is enum

Rename i08 to i8 according to Thrift's expectations

commit d921e46a73772d52c92d24e153cba13e1f868950
Author: Tomek Kurcz 
Date:   2017-09-21T06:39:10Z

Defined services should just be exported to the current *package*

commit 319e07896b05183dbd62296a8d9f1bd918af2195
Author: Tomek Kurcz 
Date:   2017-09-21T07:38:19Z

Bugfix: wrong order of arguments in a function call

commit 894fad0ee6f45a90a3367d45aa647a7d5292fde1
Author: Tomek Kurcz 
Date:   2017-09-22T09:17:31Z

Ensure users can use :common-lisp symbols when implementing services

commit fe62d6a9f48b519309608a789bf7951cf2f3fa54
Author: Tomek Kurcz 
Date:   2017-09-22T11:29:55Z

CL generator: Generate ASDF systems for Thrift programs

Also adds the CLI option not to generate .asd files, but the default is to
generate them.

commit 50d04e7c6f0a348886f30cd9ef52cfd4e07a1925
Author: Tomek Kurcz 
Date:   2017-09-22T11:50:10Z

Don't expect server implementation to exist when loading gen'd code

We probably expect those to be declared later

commit 665b7fa51d1f31d4d37f80998b48c0f381dbbaea
Author: Tomek Kurcz 
Date:   2017-09-25T09:50:26Z

CL generator: Put generated "programs" in separate directories

commit 209cbffa780c012180b0e0fa15ae74c8cd381afd
Author: Tomek Kurcz 
Date:   2017-09-25T11:20:14Z

CL generator: copy the options string to comments in generated files

commit dc8cb075766a2456e99e581c344aee167150ad2f
Author: Tomek Kurcz 
Date:   2017-09-25T11:33:02Z

CL generator: Fix the remaining warnings

commit 6ce3ee2113e27ee222fa3f0097bc645b56358a4d
Author: Tomek Kurcz 
Date:   2017-09-25T12:08:39Z

Replace the float conversion code with `ieee-floats` from quicklisp

commit ce124f7dcb79515614c2642be5abf2852c07693d
Author: Tomek Kurcz 
Date:   2017-09-26T08:25:46Z

CL generator: Add the option to change the ASDF system prefix

Also: Cosmetic: add a newline after a generated (def-service)

commit a21b328cf120fb171ac1b6b107dd931e30e632cb
Author: Tomek Kurcz 
Date:   2017-09-27T08:32:52Z

Fix the load order of thrift-test components

commit b73b9a52571640f44437f17366e31277a3e5c45a
Author: Tomek Kurcz 
Date:   2017-09-27T08:33:17Z

Export vector-stream for use in thrift-test

commit 72289ffd3509928d557555a9f80f0a720f095472
Author: Tomek Kurcz 
Date:   2017-09-27T08:38:43Z

Exclude definition-operators.lisp from compilation for now

commit 6c77eda1a76ef0b71ebfde19df47b1d17b244d20
Author: Tomek Kurcz 
Date:   2017-09-27T08:53:34Z

Cosmetic: Typos and reindentation

commit 6ff38d84b93b99c183f8c18915febf9fef0b02b4
Author: Tomek Kurcz 
Date:   2017-09-27T09:01:14Z

Fix vector-protocol.write-sequence

commit 42cd93acb6abd9fdeb4ab563ce5502c1c81f2303
Author: Tomek Kurcz 
Date:   2017-09-27T09:08:43Z

Fix calls to unexported thrift.implementation functions

commit d4499cb41fa7c23fc4a5999fc8b958c2b51decaa