Uploaded image for project: 'ORC'
  1. ORC
  2. ORC-403

Should check offsets got from protobuf Objects

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.5.3, 1.6.0
    • C++
    • None

    Description

      A malformed ORC file may have a postscript length larger than the file size, which causes orc:: readPostscript to read unexpected data.

          std::unique_ptr<proto::PostScript> postscript =
            std::unique_ptr<proto::PostScript>(new proto::PostScript());
          if (!postscript->ParseFromArray(ptr + readSize - 1 - postscriptSize,
                                         static_cast<int>(postscriptSize))) {
            throw ParseError("Failed to parse the postscript from " +
                             stream->getName());
          }
      

      We should make sure readSize - 1 - postscriptSize >= 0. Furthermore, we should check offsets and lengths got from protobuf Objects.

      Attachments

        1. copy7_000000_0
          0.0 kB
          Quanlong Huang
        2. bad_stripe_info.orc
          2 kB
          Quanlong Huang

        Issue Links

          Activity

            People

              stigahuang Quanlong Huang
              stigahuang Quanlong Huang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: