C++ Facebook Thrift servers did not raise an error when they received messages that declare containers with sizes larger than the message payload. As a result, a malicious client could send short messages that each trigger a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "44596890016633024641060470411155656877", "331657705654131850442828927928062784103", "62810701246369866615112618702708241448" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/Protocol.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-05ac5954" }, { "digest": { "function_hash": "174706121235900777254241968332960772258", "length": 526.0 }, "signature_type": "Function", "source": "https://github.com/facebook/fbthrift/commit/c9a903e5902834e95bbd4ab0e9fa53ba0189f351", "target": { "file": "thrift/lib/cpp2/protocol/CompactProtocol-inl.h", "function": "CompactProtocolReader::readStringBody" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-163d2407" }, { "digest": { "threshold": 0.9, "line_hashes": [ "4545242548456549856471385261797320583", "6535706504946512896092844659658536142", "58427431270480592947181406810742987856", "323494517859915281965413108861047445416" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/c9a903e5902834e95bbd4ab0e9fa53ba0189f351", "target": { "file": "thrift/lib/cpp2/protocol/CompactProtocol-inl.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-4fbbacee" }, { "digest": { "threshold": 0.9, "line_hashes": [ "212002469332875097723210544329375829725", "153898754891649393942430316852394863342", "227682968511353201476159449308733903653" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/NimbleProtocol.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-66017512" }, { "digest": { "threshold": 0.9, "line_hashes": [ "153527619121847531239303211989744505617", "29902521812625455048072784516873614057", 
"234442070744256819590778981643473786430", "323494517859915281965413108861047445416" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/c9a903e5902834e95bbd4ab0e9fa53ba0189f351", "target": { "file": "thrift/lib/cpp2/protocol/BinaryProtocol-inl.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-722b1184" }, { "digest": { "function_hash": "132259883174068687299136862608488877482", "length": 597.0 }, "signature_type": "Function", "source": "https://github.com/facebook/fbthrift/commit/c9a903e5902834e95bbd4ab0e9fa53ba0189f351", "target": { "file": "thrift/lib/cpp2/protocol/BinaryProtocol-inl.h", "function": "BinaryProtocolReader::readStringBody" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-7fbf25b1" }, { "digest": { "function_hash": "259773171914150900980400727678888402219", "length": 715.0 }, "signature_type": "Function", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/detail/protocol_methods.h", "function": "read" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-bd10f388" }, { "digest": { "threshold": 0.9, "line_hashes": [ "92725103026390205837140894194792057031", "163628535947776537148403942477945916337", "186176528405032179249056986190882403164", "108587633537507210242609878158511307392" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp/protocol/TProtocolException.cpp" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-c2553062" }, { "digest": { "function_hash": "26855308651349703267568909715761752202", "length": 960.0 }, "signature_type": "Function", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/detail/protocol_methods.h", "function": 
"read" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-c7c20977" }, { "digest": { "threshold": 0.9, "line_hashes": [ "294201529193437677925246979548635543859", "251498252870392571334876633397177745964", "188361747536714763440835157316534382951", "202539566248075939611767876272240491962" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp/protocol/TProtocolException.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-cd35344f" }, { "digest": { "function_hash": "274153452343210165639182471556544972289", "length": 1091.0 }, "signature_type": "Function", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/detail/protocol_methods.h", "function": "read" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-d27c367e" }, { "digest": { "threshold": 0.9, "line_hashes": [ "379873552829428259817983544756423750", "38846893758077509604777492341125738089", "148762455145767815842576259815983143114", "40944184984363785666168465967920033607", "12142979365642684022531327030095844492", "177014993987220354725995233458164805066", "66645819444173369681937423972076389364", "56051993222598451186266254746257317861", "54829995104402265666215148485616059909", "225981421825697214061150032645037264591", "332024401246044362683770948748881431480", "110625175761543874526356140866117602619" ] }, "signature_type": "Line", "source": "https://github.com/facebook/fbthrift/commit/3f156207e8a6583d88999487e954320dc18955e6", "target": { "file": "thrift/lib/cpp2/protocol/detail/protocol_methods.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2019-3553-e873b235" } ] }