diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/HFileReaderV2.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/HFileReaderV2.java index e466041..d155e12 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/HFileReaderV2.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/HFileReaderV2.java @@ -917,7 +917,7 @@ public class HFileReaderV2 extends AbstractHFileReader { currValueLen = blockBuffer.getInt(); ByteBufferUtils.skip(blockBuffer, currKeyLen + currValueLen); readMvccVersion(); - if (currKeyLen < 0 || currValueLen < 0 + if (currKeyLen <= 0 || currValueLen < 0 || currKeyLen > blockBuffer.limit() || currValueLen > blockBuffer.limit()) { throw new IllegalStateException("Invalid currKeyLen " + currKeyLen @@ -973,6 +973,14 @@ public class HFileReaderV2 extends AbstractHFileReader { klen = blockBuffer.getInt(); vlen = blockBuffer.getInt(); blockBuffer.reset(); + if (klen <= 0 || vlen < 0 + || klen > blockBuffer.limit() + || vlen > blockBuffer.limit()) { + throw new IllegalStateException("Invalid currKeyLen " + klen + + " or currValueLen " + vlen + ". Block offset: " + + block.getOffset() + ", block length: " + blockBuffer.limit() + + ", position: " + blockBuffer.position() + " (without header)."); + } if (this.reader.shouldIncludeMemstoreTS()) { if (this.reader.decodeMemstoreTS) { try {