[AVRO-3225] StackOverflowException on invalid input for BinaryDecoder.ReadString on NetStandard 2.1+ - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.11.0
Component/s: csharp
Labels:
- pull-request-available

Description

The BinaryDecoder.ReadString() method on NetStandard2.1+ produces a stack overflow exception if there is invalid input caused by this code:

int length = ReadInt();
Span<byte> buffer = length <= StackallocThreshold ? stackalloc byte[length] :                (bufferArray = ArrayPool<byte>.Shared.Rent(length)).AsSpan(0, length);

This code fails if ReadInt() returns a negative value.

Attachments

Issue Links

relates to

AVRO-3226 OutOfMemoryException on invalid input for BinaryDecoder.ReadString on NetStandard 2.1+

Resolved

links to

GitHub Pull Request #1357

Activity

People

Assignee:: Philip Sanetra

Reporter:: Philip Sanetra

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 07/Oct/21 13:27

Updated:: 20/Oct/21 11:22

Resolved:: 20/Oct/21 11:21

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 50m