Uploaded image for project: 'ORC'
  1. ORC
  2. ORC-403

Should check offsets got from protobuf Objects

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.5.3, 1.6.0
    • C++
    • None

    Description

      A malformed ORC file may have a postscript length larger than the file size, which causes orc:: readPostscript to read unexpected data.

          std::unique_ptr<proto::PostScript> postscript =
      std::unique_ptr<proto::PostScript>(new proto::PostScript());
    if (!postscript->ParseFromArray(ptr + readSize - 1 - postscriptSize,
                                   static_cast<int>(postscriptSize))) {
      throw ParseError("Failed to parse the postscript from " +
                       stream->getName());
    }

      We should make sure readSize - 1 - postscriptSize >= 0. Furthermore, we should check offsets and lengths got from protobuf Objects.

      Attachments

        1. bad_stripe_info.orc
          2 kB
          Quanlong Huang
        2. copy7_000000_0
          0.0 kB
          Quanlong Huang

        Issue Links

        is related to

        Bug - A problem which impairs or prevents the functions of the product. IMPALA-6772 Enable test_scanners_fuzz for ORC format

        • Critical - Crashes, loss of data, severe memory leak.
        • Resolved
        links to

        Web Link GitHub Pull Request #309

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            stigahuang Quanlong Huang
            stigahuang Quanlong Huang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment