Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3941

Unsafe use of DataInput.skipBytes() in StoredPage and StoredFieldHeader

Agile BoardAttach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 10.6.1.0
    • Store
    • None
    • Newcomer

    Description

      Some methods in StoredFileHeader and StoredPage call java.io.DataInput.skipBytes(int) with the assumption that it always skips the requested number of bytes. According to the javadoc for skipBytes, it may skip fewer bytes than requested, possibly 0, even if the end of the stream hasn't been reached.

      The problem exists in these methods:

      StoredFieldHeader.readFieldDataLength()
      StoredPage.readRecordFromStream()
      StoredPage.skipField()
      StoredPage.readOneColumnFromPage()
      StoredPage.readRecordFromArray()

      We should change the code so that it works correctly even if skipBytes() were to skip fewer bytes than requested.

      Attachments

        1. derby-3941-1.diff
          13 kB
          Yun Lee
        2. derby-3941-1.stat
          0.4 kB
          Yun Lee
        3. derby-3941-2.diff
          14 kB
          Yun Lee
        4. derby-3941-2.stat
          0.5 kB
          Yun Lee
        5. derby-3941-3.diff
          14 kB
          Yun Lee
        6. derby-3941-3.stat
          0.5 kB
          Yun Lee
        7. derby-3941-4.diff
          12 kB
          Yun Lee
        8. derby-3941-4.stat
          0.5 kB
          Yun Lee
        9. derby-3941-5.diff
          4 kB
          Yun Lee
        10. derby-3941-5.stat
          0.1 kB
          Yun Lee

        Issue Links

        is related to

        Improvement - An improvement or enhancement to an existing feature or task. DERBY-3770 Create a utility class for skipping data in an InputStream

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Closed

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            yunlee Yun Lee
            knutanders Knut Anders Hatlen
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment