valitydev/thrift
14
0
Fork 0
mirror of https://github.com/valitydev/thrift.git synced 2024-11-07 02:45:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

THRIFT-5569: add negative size checks in Go generator when reading maps, sets and lists

Browse Source 
Client: go
This commit is contained in:
Andreas Krennmair 2022-04-20 13:20:12 +02:00 committed by Jens Geyer
parent edcad983d9
commit 8987820e84
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
compiler/cpp/src/thrift/generate/t_go_generator.cc
View File

@ -3369,6 +3369,9 @@ void t_go_generator::generate_deserialize_container(ostream& out,
// Declare variables, read header
if (ttype->is_map()) {
out << indent() << "_, _, size, err := iprot.ReadMapBegin(ctx)" << endl;
out << indent() << "if size < 0 {" << endl;
out << indent() << " return errors.New(\"map size is negative\")" << endl;
out << indent() << "}" << endl;
out << indent() << "if err != nil {" << endl;
out << indent() << " return thrift.PrependError(\"error reading map begin: \", err)" << endl;
out << indent() << "}" << endl;
@ -3376,6 +3379,9 @@ void t_go_generator::generate_deserialize_container(ostream& out,
out << indent() << prefix << eq << " " << (pointer_field ? "&" : "") << "tMap" << endl;
} else if (ttype->is_set()) {
out << indent() << "_, size, err := iprot.ReadSetBegin(ctx)" << endl;
out << indent() << "if size < 0 {" << endl;
out << indent() << " return errors.New(\"set size is negative\")" << endl;
out << indent() << "}" << endl;
out << indent() << "if err != nil {" << endl;
out << indent() << " return thrift.PrependError(\"error reading set begin: \", err)" << endl;
out << indent() << "}" << endl;
@ -3383,6 +3389,9 @@ void t_go_generator::generate_deserialize_container(ostream& out,
out << indent() << prefix << eq << " " << (pointer_field ? "&" : "") << "tSet" << endl;
} else if (ttype->is_list()) {
out << indent() << "_, size, err := iprot.ReadListBegin(ctx)" << endl;
out << indent() << "if size < 0 {" << endl;
out << indent() << " return errors.New(\"list size is negative\")" << endl;
out << indent() << "}" << endl;
out << indent() << "if err != nil {" << endl;
out << indent() << " return thrift.PrependError(\"error reading list begin: \", err)" << endl;
out << indent() << "}" << endl;