You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@avro.apache.org by "Christophe Le Saec (Jira)" <ji...@apache.org> on 2022/09/07 07:21:00 UTC

[jira] [Commented] (AVRO-3617) [C++] Integer overflow risks with Validator::count_ and Validator::counters_

    [ https://issues.apache.org/jira/browse/AVRO-3617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17601172#comment-17601172 ] 

Christophe Le Saec commented on AVRO-3617:
------------------------------------------

The linked [PR|https://github.com/apache/avro/pull/1852] is a proposal mainly to add option "-Wconversion" on CMakeLists.txt file and fix new warning.

This lead to some weird code, as for LogicalType with precision and scale that are declared as int, but that are seen by compiler.cc as long (i think it's because of this [code|https://github.com/apache/avro/blob/a4a4002ee63dd3c104926d145235301a9d9a3764/lang/c%2B%2B/impl/json/JsonIO.cc#L257]). So i add function [getIntField|https://github.com/apache/avro/blob/a4a4002ee63dd3c104926d145235301a9d9a3764/lang/c%2B%2B/impl/Compiler.cc#L136] that also accept long type, just that [Entity::intValue|https://github.com/apache/avro/blob/a4a4002ee63dd3c104926d145235301a9d9a3764/lang/c%2B%2B/impl/json/JsonDom.cc#L157] method accept long type and control limit.

> [C++] Integer overflow risks with Validator::count_ and Validator::counters_
> ----------------------------------------------------------------------------
>
>                 Key: AVRO-3617
>                 URL: https://issues.apache.org/jira/browse/AVRO-3617
>             Project: Apache Avro
>          Issue Type: Bug
>          Components: c++
>            Reporter: Kalle Niemitalo
>            Priority: Minor
>              Labels: pull-request-available
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> In Validator, there seems to be some inconsistency with {{std::vector<size_t> counters_}} and {{int64_t count_}}:
> - Validator::countingSetup converts int64_t to size_t: {{counters_.push_back(static_cast<size_t>(count_));}}
> - Validator::countingAdvance converts size_t to int: {{int count = --counters_.back();}}
> - Validator::unionAdvance converts size_t to int64_t: {{if (count_ < static_cast<int64_t>(node->leaves()))}}
> - Validator::unionAdvance converts int64_t to int and that to size_t: {{setupOperation(node->leafAt(static_cast<int>(count_)));}}
> I did not verify whether these integers can actually grow so high that overflow is possible. Nevertheless, it would be safest to use integer types consistently.
> (Originally posted as [https://github.com/apache/avro/pull/1836#issuecomment-1225303643].)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)