RDF Patch Binary Reader silently accepts some invalid patch files

[rvesse]

Version

5.0.0

What happened?

Consider the following test case:

    protected RDFPatch read(InputStream in) {
        return RDFPatchOps.readBinary(in);
    }

    @Test
    public void junk_01() {
        byte[] junkData = "junk".getBytes(StandardCharsets.UTF_8);
        RDFPatch patch = read(new ByteArrayInputStream(junkData));
        Assert.fail("Malformed binary stream should throw an error");
    }

Since the input is not a patch in RDF Thrift format it would be expected that an error would be thrown. Instead an empty patch is returned and the error is silently ignored.

This bit of the code seems relevant:

  try { row.read(protocol) ; }
  catch (TTransportException e) {
      if ( e.getType() == TTransportException.END_OF_FILE )
          break;
      throw new PatchException("Thrift exception", e);
  }

It seems like it always treats an EOF as an acceptable error, irregardless of whether the input was genuinely at EOF or EOF was simply encountered due to malformed/incomplete data.

Relevant output and stacktrace

No response

Are you interested in making a pull request?

Maybe

[afs]

We can't see the "read". Is the callRDFPatchOps.readBinary?

[afs]

Try "aaaa".

[rvesse]

We can't see the "read". Is the callRDFPatchOps.readBinary?

Yes, sorry. Was adding test cases to existing Jena test classes and for this bug there happened to be a read() method defined in the test cases already. Added it to the original description for completeness

[rvesse]

Try "aaaa".

Interestingly that one does fail - see draft PR #2408 for a few example test cases. Most notably, if I generate a valid binary patch and then arbitrarily truncate it's bytes, it does not error