[CASSANDRA-15373] validate value sizes in LegacyLayout - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Fixed
Fix Version/s: 3.0.20, 3.11.6, 4.0-alpha3, 4.0
Component/s: Legacy/Local Write-Read Paths
Labels:
None

Bug Category:
Correctness - Unrecoverable Corruption / Loss
Severity:
Normal
Complexity:
Normal
Discovered By:
User Report
Platform:

All
Impacts:

None
Since Version:

3.0.0
Source Control Link:

https://github.com/apache/cassandra/commit/53f604dc1789a800dbcbc3c8aee77f8f36b8b5db
Test and Documentation Plan:

Hide

circleci

Show
circleci

Description

In 2.1, all values are serialized as variable length blobs, with a length prefix, followed by the actual value, even with fixed width types like int32. The 3.0 storage engine, on the other hand, omits the length prefix for fixed width types. Since the length of fixed width types are not validated on the 3.0 write path, writing data for a fixed width type from an incorrectly sized byte buffer will over or underflow the space allocated for it, corrupting the remainder of that partition or indexed region from being read. This is not discovered until we attempt to read the corrupted value. This patch updates LegacyLayout to throw a marshal exception if it encounters an unexpected value size for fixed size columns.

Attachments

Issue Links

relates to

CASSANDRA-15778 CorruptSSTableException after a 2.1 SSTable is upgraded to 3.0, failing reads

Resolved

Activity

People

Assignee:: Blake Eggleston

Reporter:: Blake Eggleston

Authors:: Blake Eggleston

Reviewers:: Benedict Elliott Smith, Sam Tunnicliffe

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 23/Oct/19 22:38

Updated:: 15/May/20 08:38

Resolved:: 06/Nov/19 20:14