You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@arrow.apache.org by ks...@apache.org on 2020/05/13 01:15:24 UTC
[arrow] 08/17: ARROW-8704: [C++] Fix Parquet undefined behaviour on
invalid input
This is an automated email from the ASF dual-hosted git repository.
kszucs pushed a commit to branch maint-0.17.x
in repository https://gitbox.apache.org/repos/asf/arrow.git
commit c85a2fc68bf3f129c43008180ed27fc038c45c12
Author: Antoine Pitrou <an...@python.org>
AuthorDate: Tue May 5 08:49:15 2020 -0400
ARROW-8704: [C++] Fix Parquet undefined behaviour on invalid input
Should fix https://oss-fuzz.com/issue/5673014655188992 .
Closes #7105 from pitrou/ARROW-8704-parquet-oss-fuzz
Authored-by: Antoine Pitrou <an...@python.org>
Signed-off-by: François Saint-Jacques <fs...@gmail.com>
---
cpp/src/parquet/column_reader.cc | 6 +++++-
testing | 2 +-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/cpp/src/parquet/column_reader.cc b/cpp/src/parquet/column_reader.cc
index f746eb7..ee497ab 100644
--- a/cpp/src/parquet/column_reader.cc
+++ b/cpp/src/parquet/column_reader.cc
@@ -35,6 +35,7 @@
#include "arrow/util/bit_stream_utils.h"
#include "arrow/util/checked_cast.h"
#include "arrow/util/compression.h"
+#include "arrow/util/int_util.h"
#include "arrow/util/logging.h"
#include "arrow/util/rle_encoding.h"
#include "parquet/column_page.h"
@@ -1024,7 +1025,10 @@ class TypedRecordReader : public ColumnReaderImplBase<DType>,
// Compute the values capacity in bytes for the given number of elements
int64_t bytes_for_values(int64_t nitems) const {
- int type_size = GetTypeByteSize(this->descr_->physical_type());
+ int64_t type_size = GetTypeByteSize(this->descr_->physical_type());
+ if (::arrow::internal::HasMultiplyOverflow(nitems, type_size)) {
+ throw ParquetException("Total size of items too large");
+ }
return nitems * type_size;
}
diff --git a/testing b/testing
index 3772a1b..7660b5f 160000
--- a/testing
+++ b/testing
@@ -1 +1 @@
-Subproject commit 3772a1b0ba8ae163b4ff4f17a0b8bd89a46a7660
+Subproject commit 7660b5fb3dca9f21996ac239d9f520e631f4d3e5