Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Properly error when asked to skip an unknown field type
Summary: We weren't returning an error when asked to skip over a field with and unknown type. In this particular test case the code attempts to skip over a map with a large number of fields of unknown type and the ~3B noop calls take almost 30s. A misbehaving client could DoS a server by sending short messages that take a long time to parse. There may have been other failure modes as well. The test covers the binary protocol because that is where the issue was found. However, the issue is common to all protocols. This fixes CVE-2019-3552. Reviewed By: spalamarchuk Differential Revision: D14088980 fbshipit-source-id: 8a9d63260db717347217a8d2ac883c4ce331d964
- Loading branch information