You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Sylvain Lebresne (Updated) (JIRA)" <ji...@apache.org> on 2012/02/10 12:31:59 UTC

[jira] [Updated] (CASSANDRA-2851) hex-to-bytes conversion accepts invalid inputs silently

     [ https://issues.apache.org/jira/browse/CASSANDRA-2851?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sylvain Lebresne updated CASSANDRA-2851:
----------------------------------------

    Attachment: 2851.patch

Attaching patch that implements the idea above, i.e. hexToBytes throw an exception on odd number of input characters, but silently adds a '0' in front when parsing a token for an ordered partitioner.

This does mean BytesType will throw a MarshalException when given a string of odd length. I think it is a good thing, it was a but that we were potentially silently adding some zeroes to column names or values given by the user. However, this does kind of break some form of backward compatibility so I suppose we should either push it for 1.1.0 or report to 1.2. I personally would be good for 1.1.0 (I consider the current behavior a bug) but I won't argue if someone prefers 1.2.
                
> hex-to-bytes conversion accepts invalid inputs silently
> -------------------------------------------------------
>
>                 Key: CASSANDRA-2851
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-2851
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 0.7.6, 0.8.1
>            Reporter: David Allsopp
>            Priority: Minor
>             Fix For: 1.1.1
>
>         Attachments: 2851.patch, cassandra-2851.diff
>
>
> FBUtilities.hexToBytes() has a minor bug - it copes with single-character inputs by prepending "0", which is OK - but it does this for any input with an odd number of characters, which is probably incorrect.
> {noformat}
> if (str.length() % 2 == 1)
>     str = "0" + str;
> {noformat}
> Given 'fff' as an input, can we really assume that this should be '0fff'? Isn't this just an error?
> Add the following to FBUtilitiesTest to demonstrate:
> {noformat}
> String[] badvalues = new String[]{"000", "fff"};
>        
> for (int i = 0; i < badvalues.length; i++)
>     try
>     {
>         FBUtilities.hexToBytes(badvalues[i]);
>         fail("Invalid hex value accepted"+badvalues[i]);
>     } catch (Exception e){}
> {noformat}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira