[ORC-403] Should check offsets got from protobuf Objects - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.5.3, 1.6.0
Component/s: C++
Labels:
None

Description

A malformed ORC file may have a postscript length larger than the file size, which causes orc:: readPostscript to read unexpected data.

    std::unique_ptr<proto::PostScript> postscript =
      std::unique_ptr<proto::PostScript>(new proto::PostScript());
    if (!postscript->ParseFromArray(ptr + readSize - 1 - postscriptSize,
                                   static_cast<int>(postscriptSize))) {
      throw ParseError("Failed to parse the postscript from " +
                       stream->getName());
    }

We should make sure readSize - 1 - postscriptSize >= 0. Furthermore, we should check offsets and lengths got from protobuf Objects.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

bad_stripe_info.orc
16/Sep/18 02:12
2 kB
Quanlong Huang
copy7_000000_0
15/Sep/18 11:44
0.0 kB
Quanlong Huang

Issue Links

is related to

IMPALA-6772 Enable test_scanners_fuzz for ORC format

Resolved

links to

GitHub Pull Request #309

Activity

People

Assignee:: Quanlong Huang

Reporter:: Quanlong Huang

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 15/Sep/18 07:29

Updated:: 25/Sep/18 21:21

Resolved:: 18/Sep/18 20:21