Uploaded image for project: 'ORC'
  1. ORC
  2. ORC-403

Should check offsets got from protobuf Objects

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.5.3, 1.6.0
    • Component/s: C++
    • Labels:
      None

      Description

      A malformed ORC file may have a postscript length larger than the file size, which causes orc:: readPostscript to read unexpected data.

          std::unique_ptr<proto::PostScript> postscript =
            std::unique_ptr<proto::PostScript>(new proto::PostScript());
          if (!postscript->ParseFromArray(ptr + readSize - 1 - postscriptSize,
                                         static_cast<int>(postscriptSize))) {
            throw ParseError("Failed to parse the postscript from " +
                             stream->getName());
          }
      

      We should make sure readSize - 1 - postscriptSize >= 0. Furthermore, we should check offsets and lengths got from protobuf Objects.

        Attachments

        1. bad_stripe_info.orc
          2 kB
          Quanlong Huang
        2. copy7_000000_0
          0.0 kB
          Quanlong Huang

          Issue Links

            Activity

              People

              • Assignee:
                stigahuang Quanlong Huang
                Reporter:
                stigahuang Quanlong Huang
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: