THRIFT-4405: fix parsing bug in cpp json header read if sequence ID wrapped around to negative

commit: 973c8552e0516cea35810d8870dbb33e4f05f9c5 [log] [tgz]
author: James E. King III <jking@apache.org> Wed Jan 30 20:11:15 2019 -0500
committer: James E. King III <jking@apache.org> Fri Feb 01 11:13:49 2019 -0500
tree: 5b45c007efd4ca07a9368a0f5aa7f540024ae8ed
parent: 43f689d153b07e2c513964f537204824042bf99f [diff]
diff --git a/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp b/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
index 53cc140..35592f0 100644
--- a/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp
+++ b/lib/cpp/src/thrift/protocol/TJSONProtocol.cpp

@@ -948,7 +948,7 @@
                                          TMessageType& messageType,
                                          int32_t& seqid) {
   uint32_t result = readJSONArrayStart();
-  uint64_t tmpVal = 0;
+  int64_t tmpVal = 0;
   result += readJSONInteger(tmpVal);
   if (tmpVal != kThriftVersion1) {
     throw TProtocolException(TProtocolException::BAD_VERSION, "Message contained bad version.");
@@ -957,8 +957,9 @@
   result += readJSONInteger(tmpVal);
   messageType = (TMessageType)tmpVal;
   result += readJSONInteger(tmpVal);
-  if (tmpVal > static_cast<uint64_t>((std::numeric_limits<int32_t>::max)()))
-    throw TProtocolException(TProtocolException::SIZE_LIMIT);
+  if (tmpVal > (std::numeric_limits<int32_t>::max)() ||
+      tmpVal < (std::numeric_limits<int32_t>::min)())
+    throw TProtocolException(TProtocolException::INVALID_DATA, "sequence id is not int32_t");
   seqid = static_cast<int32_t>(tmpVal);
   return result;
 }
commit	973c8552e0516cea35810d8870dbb33e4f05f9c5	[log] [tgz]
author	James E. King III <jking@apache.org>	Wed Jan 30 20:11:15 2019 -0500
committer	James E. King III <jking@apache.org>	Fri Feb 01 11:13:49 2019 -0500
tree	5b45c007efd4ca07a9368a0f5aa7f540024ae8ed
parent	43f689d153b07e2c513964f537204824042bf99f [diff]