You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@arrow.apache.org by "Benedikt (Jira)" <ji...@apache.org> on 2022/06/02 08:04:00 UTC

[jira] [Commented] (ARROW-13024) [C++][Parquet] Decoding byte stream split encoded columns fails when it has null values

    [ https://issues.apache.org/jira/browse/ARROW-13024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17545332#comment-17545332 ] 

Benedikt commented on ARROW-13024:
----------------------------------

I've just encountered the same issue (on arrow 7.0.0), and starting from [~romankarlstetter]'s comment I've browsed the {{ByteStreamSplitDecoder}} code a bit and I think the suggestion above points at the right place, but is not a complete fix.

The relevant exception was added in [https://github.com/apache/arrow/pull/6781] in order to fix an out-of-bounds buffer read found by fuzzing. However, it seems to me that this fix wasn't quite right in the first place. My understanding is the following:

In {{SetData}}, the number of {{null}} values interleaved with the data is not known, but {{num_values}} includes them. Thus, it is not possible to validate {{num_values}} against {{len}} in this function yet. Any validation must happen in the {{Decode}} and {{DecodeArrow}} methods (in fact, {{Decode}} is safe via limiting the number of values returned, and {{DecodeArrow}} does precisely this verification).

As suggested above, {{num_values_in_buffer_}} is not correctly initialized, since the meaning of {{num_values}} is different in the presence of {{null}}s, and should be set as argued by [~romankarlstetter] such that it has the meaning suggested by its name.

However, when changing {{num_values_in_buffer_}} in this way, the calculation of {{const int num_decoded_previously = num_values_in_buffer_ - num_values_}} in {{Decode}} and {{DecodeArrow}} becomes incorrect since {{num_values_}} includes {{null}}s, but {{num_values_in_buffer_}} does not. To complete the bug fix, it might be easiest to store {{num_decoded_previously}} explicitly in {{ByteStreamSplitDecoder}}.

If this is done, {{Decode}} should calculate

{{values_to_decode = std::min(num_values_in_buffer_ - num_decoded_previously, max_values)}}

instead of the current

{{values_to_decode = std::min(num_values_, max_values)}}.

I can't really tell from the bug report whether this already accounts for the issues found by the fuzzer.

> [C++][Parquet] Decoding byte stream split encoded columns fails when it has null values
> ---------------------------------------------------------------------------------------
>
>                 Key: ARROW-13024
>                 URL: https://issues.apache.org/jira/browse/ARROW-13024
>             Project: Apache Arrow
>          Issue Type: Bug
>          Components: C++, Parquet
>    Affects Versions: 2.0.0, 3.0.0, 4.0.0
>            Reporter: Roman Karlstetter
>            Priority: Major
>
> Reading from a parquet file fails with the following error
> {{Data size too small for number of values (corrupted file?)}}.
> This happens for the case when there is a {{BYTE_STREAM_SPLIT}}-encoded column which has less values stored than number of rows, which is the case when the column has null values (definition levels are present).
> The problematic part is the condition checked in {{ByteStreamSplitDecoder<DType>::SetData}}, which raises the error if the number of values does not match the size of the data array.
> I'm unsure whether I have enough experience with the internals of the encoding/decoding part of this implementation to fix this issue, but my suggestion would be to initialize {{num_values_in_buffer_}} with {{len/static_cast<int64_t>(sizeof(T))}}.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)