[IMPALA-8151] HiveUdfCall assumes StringValue is 16 bytes - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: Impala 3.2.0
Fix Version/s: Impala 3.2.0
Component/s: Backend
Labels:
- crash

Target Version:

Impala 3.2.0
Epic Color:
ghx-label-7

Description

HiveUdfCall has the sizes of internal types hardcoded as magic numbers:

      switch (GetChild(i)->type().type) {
        case TYPE_BOOLEAN:
        case TYPE_TINYINT:
          // Using explicit sizes helps the compiler unroll memcpy
          memcpy(input_ptr, v, 1);
          break;
        case TYPE_SMALLINT:
          memcpy(input_ptr, v, 2);
          break;
        case TYPE_INT:
        case TYPE_FLOAT:
          memcpy(input_ptr, v, 4);
          break;
        case TYPE_BIGINT:
        case TYPE_DOUBLE:
          memcpy(input_ptr, v, 8);
          break;
        case TYPE_TIMESTAMP:
        case TYPE_STRING:
        case TYPE_VARCHAR:
          memcpy(input_ptr, v, 16);
          break;
        default:
          DCHECK(false) << "NYI";
      }

STRING and VARCHAR were only 16 bytes because of padding. This padding is removed by ~~IMPALA-7367~~, so this will read past the end of the actual value. This could in theory lead to a crash.

We need to change the value, but we should probably also switch to sizeof(StringValue) so that it doesn't get broken by similar changes in future.

Attachments

Issue Links

is broken by

IMPALA-7367 Pack StringValue, CollectionValue and TimestampValue slots

Resolved

Activity

People

Assignee:: Pooja Nilangekar

Reporter:: Tim Armstrong

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 01/Feb/19 10:16

Updated:: 06/Feb/19 17:31

Resolved:: 06/Feb/19 17:31