You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@arrow.apache.org by we...@apache.org on 2019/06/13 18:39:24 UTC
[arrow] branch master updated: ARROW-5589: [C++] Add missing
nullptr check during flatbuffer decoding
This is an automated email from the ASF dual-hosted git repository.
wesm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/master by this push:
new 7007981 ARROW-5589: [C++] Add missing nullptr check during flatbuffer decoding
7007981 is described below
commit 7007981e45aefd77cc519424c6cb857724114317
Author: Marco Neumann <ma...@blue-yonder.com>
AuthorDate: Thu Jun 13 13:39:16 2019 -0500
ARROW-5589: [C++] Add missing nullptr check during flatbuffer decoding
Issue: ARROW-5589
Author: Marco Neumann <ma...@blue-yonder.com>
Closes #4547 from crepererum/ARROW-5589 and squashes the following commits:
6a8ecf03d <Marco Neumann> Add missing nullptr check during flatbuffer decoding
---
cpp/src/arrow/ipc/metadata-internal.cc | 3 +++
docs/source/developers/cpp.rst | 14 +++++++-------
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/cpp/src/arrow/ipc/metadata-internal.cc b/cpp/src/arrow/ipc/metadata-internal.cc
index 13eb334..1d0ac8a 100644
--- a/cpp/src/arrow/ipc/metadata-internal.cc
+++ b/cpp/src/arrow/ipc/metadata-internal.cc
@@ -743,6 +743,9 @@ Status FieldFromFlatbuffer(const flatbuf::Field* field, DictionaryMemo* dictiona
// Reconstruct the data type
auto children = field->children();
+ if (children == nullptr) {
+ return Status::IOError("Children-pointer of flatbuffer-encoded Field is null.");
+ }
std::vector<std::shared_ptr<Field>> child_fields(children->size());
for (int i = 0; i < static_cast<int>(children->size()); ++i) {
RETURN_NOT_OK(
diff --git a/docs/source/developers/cpp.rst b/docs/source/developers/cpp.rst
index 525d7d9..fbc483c 100644
--- a/docs/source/developers/cpp.rst
+++ b/docs/source/developers/cpp.rst
@@ -514,18 +514,18 @@ Now you can start one of the fuzzer, e.g.:
.. code-block:: shell
- mkdir -p corpus
./relwithdebinfo/arrow-ipc-fuzzing-test corpus
This will try to find a malformed input that crashes the payload. A corpus of
interesting inputs will be stored into the ``corpus`` directory. You can save and
share this with others if you want, or even pre-fill it with files to provide the
-fuzzer with a warm-start. If a crash was found, the program will show the stack trace
-as well as the input data. The input data will also be written to a file named
-``crash-<some id>``. After a problem was found this way, it should be reported and
-fixed. Usually, the fuzzing process cannot be continued until the fix is applied, since
-the fuzzer usually converts to the problem again. To debug the underlying issue, you
-can use GDB:
+fuzzer with a warm-start. Apache provides a test corpus under
+https://github.com/apache/arrow-testing. If a crash was found, the program will
+show the stack trace as well as the input data. The input data will also be written
+to a file named ``crash-<some id>``. After a problem was found this way, it should be
+reported and fixed. Usually, the fuzzing process cannot be continued until the fix is
+applied, since the fuzzer usually converts to the problem again. To debug the
+underlying issue, you can use GDB:
.. code-block:: shell