RDF Patch Binary Reader silently accepts some invalid patch files #2402
Comments
We can't see the "read". Is the call
Try "aaaa".
Yes, sorry. Was adding test cases to existing Jena test classes and for this bug there happened to be a
Adds several test cases, some of which currently fail, that demonstrate that the RDF Patch Binary reader can silently accept invalid streams
Interestingly that one does fail - see draft PR #2408 for a few example test cases. Most notably, if I generate a valid binary patch and then arbitrarily truncate its bytes, it does not error
Previously the RDFPatchReaderBinary simply exited its read loop when it detected an EOF error as Thrift doesn't have a clean way of a priori detecting whether we've reached the EOF. The downside of this approach was that it meant the reader would silently ignore some genuinely malformed inputs if they happened to be the right bytes for Thrift to think it had encountered a field it knew about. To address this a new method is introduced that inspects the StackTraceElements associated with the Thrift EOF exception to detect a couple of cases where the input is clearly malformed and throw an appropriate error. Test cases around malformed patch inputs are also expanded to further test this capability.
Version
5.0.0
What happened?
Consider the following test case:
Since the input is not a patch in RDF Thrift format it would be expected that an error would be thrown. Instead an empty patch is returned and the error is silently ignored.
This bit of the code seems relevant:
It seems like it always treats an EOF as an acceptable error, regardless of whether the input was genuinely at EOF or EOF was simply encountered due to malformed/incomplete data.
Relevant output and stacktrace
No response
Are you interested in making a pull request?
Maybe
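
The failure mode reported above, EOF being accepted wherever it occurs, can be avoided by accepting EOF only at a record boundary. The following is an added example, not Jena's code and not the fix in the linked PR (which inspects the Thrift exception's stack trace instead); the length-prefixed format and the class name `StrictEofReader` are constructed for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.*;

public class StrictEofReader {
    // Constructed format for illustration (not RDF Thrift): each record is a
    // 4-byte big-endian length followed by that many bytes of UTF-8 payload.
    static List<String> readAll(InputStream in) throws IOException {
        DataInputStream data = new DataInputStream(in);
        List<String> records = new ArrayList<>();
        while (true) {
            int first = data.read();        // probe one byte at the record boundary
            if (first < 0) return records;  // EOF here is the only legitimate end of stream
            try {
                int len = (first << 24) | (data.readUnsignedByte() << 16)
                        | (data.readUnsignedByte() << 8) | data.readUnsignedByte();
                if (len < 0 || len > (1 << 20)) throw new IOException("implausible record length " + len);
                byte[] payload = new byte[len];
                data.readFully(payload);    // throws EOFException if the stream ends early
                records.add(new String(payload, StandardCharsets.UTF_8));
            } catch (EOFException e) {
                // EOF inside a record means truncated or malformed input: report it, never swallow it
                throw new IOException("stream ended inside record " + records.size(), e);
            }
        }
    }

    public static void main(String[] args) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        for (String s : new String[] {"add triple", "delete triple"}) {
            byte[] b = s.getBytes(StandardCharsets.UTF_8);
            out.writeInt(b.length);
            out.write(b);
        }
        byte[] valid = buf.toByteArray();
        System.out.println("accepted: " + readAll(new ByteArrayInputStream(valid)));
        // Constructed bad inputs: a valid stream cut mid-record, and the text "aaaa"
        byte[][] bad = { Arrays.copyOf(valid, valid.length - 3), "aaaa".getBytes(StandardCharsets.UTF_8) };
        for (byte[] input : bad) {
            try {
                System.out.println("accepted: " + readAll(new ByteArrayInputStream(input)));
            } catch (IOException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```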