The vendored apache thrift library is vulnerable to DoS: incorrect thrift message would cause 100% CPU utilization by the processing goroutine.
The issue was addressed in the apache/thrift library, but the fix is not available in tchannel-go due to vendored old version. This PR applied this fix to tchannel-go.
Also confirmed other types of collection type (list, map key, and structs) already have the same logic.
Fix skip map value without depth limit.
The vendored apache thrift library is vulnerable to DoS: incorrect thrift message would cause 100% CPU utilization by the processing goroutine.
The issue was addressed in the apache/thrift library, but the fix is not available in tchannel-go due to vendored old version. This PR applied this fix to tchannel-go.
Also confirmed other types of collection type (list, map key, and structs) already have the same logic.