mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [mesos] cf-natali commented on issue #356: libprocess: check protobuf (de)serialisation success.
Date Tue, 07 Apr 2020 22:05:18 GMT
cf-natali commented on issue #356: libprocess: check protobuf (de)serialisation success.
URL: https://github.com/apache/mesos/pull/356#issuecomment-610643627
 
 
   > This will only return false for the message being too large? Where do you see out
of memory being handled?
   
   Agreed. I *thought* it would handle it, but it looks like it just lets `std::bad_alloc`
propagate.
   
   > It also looks like invalid UTF-8 does not fail serialization, but rather only logs
an error for "proto3" always and logs an error in debug mode for "proto2", see [this example
of a proto3 message](https://github.com/protocolbuffers/protobuf/blob/v3.11.4/src/google/protobuf/any.pb.cc#L214).
   
   Indeed, it's a bit of a mess.
   Basically what happened in our case is that the framework re-serialises a subset of the
messages received from the master into an event log, but uses proto3 - so serialisation would
work, but then deserialising this would fail...
   It's a bit sad that with proto3 serialising invalid uft8 doesn't fail but deserialising
fails, it's contrary to Postel's principle :).
   
   > I'm a little puzzled at how you saw the logging, is your libprotobuf using debug mode?
   
   Interesting - we actually build our own libprotobuf - I'll ask our IT to double-check.
   
   > **Serialization of invalid UTF-8**:
   > 
   >     * "proto3": serialization will succeed but invalid UTF-8 will be logged.
   > 
   >     * "proto2": serialization will succeed. Invalid UTF-8 will only be logged in debug
mode (NDEBUG not defined).
   > 
   > 
   > **De-serialization of invalid UTF-8**:
   > 
   >     * "proto3": de-serialization will fail and it will be logged.
   > 
   >     * "proto2": de-serialization will succeed. Invalid UTF-8 will only be logged in
debug mode (NDEBUG not defined).
   
   Yes, it also matches my testing.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message