Skip to content
Browse files

Throw on bad types during skipping data

The current code silently returns on bad types. In case when we have an invalid data, we may get a container of a large size with a bad type, this would lead to us running long loop doing nothing (though we already can say that the data is invalid).

The new code would throw an exception as soon as we try to skip a value of invalid type.

Fixes CVE-2019-3552

Reviewed By: stevegury

Differential Revision: D13892370

fbshipit-source-id: 582c81f90cf40c105383083cb38815816140e3ad
  • Loading branch information...
spalamarchuk authored and facebook-github-bot committed Feb 14, 2019
1 parent 9443939 commit a56346ceacad28bf470017a6bda1d5518d0bd943
@@ -166,7 +166,10 @@ public static void skip(TProtocol prot, byte type, int maxDepth)
throw new TProtocolException(
TProtocolException.INVALID_DATA, "Invalid type encountered during skipping: " + type);

0 comments on commit a56346c

Please sign in to comment.
You can’t perform that action at this time.