Posted to jira@arrow.apache.org by "Mingyu Zhong (Jira)" <ji...@apache.org> on 2020/09/08 23:29:00 UTC

[jira] [Created] (ARROW-9948) Decimal128 does not check scale range when rescaling; can cause buffer overflow

Mingyu Zhong created ARROW-9948:
-----------------------------------

             Summary: Decimal128 does not check scale range when rescaling; can cause buffer overflow
                 Key: ARROW-9948
                 URL: https://issues.apache.org/jira/browse/ARROW-9948
             Project: Apache Arrow
          Issue Type: Bug
          Components: C++
            Reporter: Mingyu Zhong


BasicDecimal128::GetScaleMultiplier has a DCHECK on the scale, but the scale can come from users. For example, Decimal128::FromString("1e100") will cause an out-of-bound read.

BasicDecimal128::Rescale and BasicDecimal128::GetWholeAndFraction have the same problem.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
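
Added example, not code from Apache Arrow or from the reporter: the pattern the report above describes, a scale-indexed table of powers of ten guarded only by a debug assertion, next to an always-on range check that reports failure to the caller. The names kScaleMultipliers, GetScaleMultiplierDebugOnly, GetScaleMultiplierChecked and ParseScaled, the int64_t value type with a maximum scale of 18, and the "<integer>e<exponent>" input format are assumptions made for illustration.

```cpp
#include <cassert>
#include <cerrno>
#include <cstdint>
#include <cstdlib>
#include <string>

// Assumed stand-in for a decimal type: int64_t values, powers of ten up to 10^18.
constexpr int64_t kMaxScale = 18;
static const int64_t kScaleMultipliers[kMaxScale + 1] = {
    1LL, 10LL, 100LL, 1000LL, 10000LL, 100000LL, 1000000LL, 10000000LL,
    100000000LL, 1000000000LL, 10000000000LL, 100000000000LL,
    1000000000000LL, 10000000000000LL, 100000000000000LL,
    1000000000000000LL, 10000000000000000LL, 100000000000000000LL,
    1000000000000000000LL};

// Pattern described in the report: the range check is a debug-only assertion,
// so a release build (NDEBUG) indexes the table with any caller-supplied scale.
inline int64_t GetScaleMultiplierDebugOnly(int64_t scale) {
  assert(scale >= 0 && scale <= kMaxScale);  // compiled out under NDEBUG
  return kScaleMultipliers[scale];
}

// Hardened form: the check is always compiled in and failure is reported.
inline bool GetScaleMultiplierChecked(int64_t scale, int64_t* out) {
  if (scale < 0 || scale > kMaxScale) return false;
  *out = kScaleMultipliers[scale];
  return true;
}

// Parses "<integer>e<exponent>" (constructed mini-format) into a scaled int64_t,
// rejecting exponents outside the table and products that would overflow.
bool ParseScaled(const std::string& text, int64_t* out) {
  const size_t e = text.find_first_of("eE");
  if (e == std::string::npos || e == 0 || e + 1 >= text.size()) return false;
  const char* begin = text.c_str();
  char* end = nullptr;
  errno = 0;
  const long long mantissa = std::strtoll(begin, &end, 10);
  if (errno != 0 || end != begin + e) return false;
  const long long exponent = std::strtoll(begin + e + 1, &end, 10);
  if (errno != 0 || end == begin + e + 1 || *end != '\0') return false;
  int64_t mult = 0;
  if (!GetScaleMultiplierChecked(exponent, &mult)) return false;
  if (mantissa > INT64_MAX / mult || mantissa < INT64_MIN / mult) return false;
  *out = mantissa * mult;
  return true;
}
```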