You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@arrow.apache.org by GitBox <gi...@apache.org> on 2020/09/24 02:54:17 UTC

[GitHub] [arrow] emkornfield opened a new pull request #8253: ARROW-10077: [C++] fix possible int overflow

emkornfield opened a new pull request #8253:
URL: https://github.com/apache/arrow/pull/8253


   using a literal implies 32-bit integers for some compilers so this could overflow potentially.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698227625


   Does this correspond to a OSS-Fuzz regresion?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698219691


   Thanks @emkornfield !


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] github-actions[bot] commented on pull request #8253: ARROW-10077: [C++] fix possible int overflow

Posted by GitBox <gi...@apache.org>.

github-actions[bot] commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698083387


   https://issues.apache.org/jira/browse/ARROW-10077


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] emkornfield commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

emkornfield commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698422239


   As it was explained to me, part of the seed corpus comes from the fuzzer binary itself (if I had to guess it swaps random bytes from it) so there is small chance of exposing internal library information if we shared the file.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou closed pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou closed pull request #8253:
URL: https://github.com/apache/arrow/pull/8253


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698219691






----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698371744


   Ah, thank you. Does it work differently from OSS-Fuzz, or use a different seed corpus?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] emkornfield commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

emkornfield commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698371159


   It was found with our internal fuzzer.  Unfortunately do to how it works there are concerns over sharing the actual file.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] github-actions[bot] commented on pull request #8253: ARROW-10077: [C++] fix possible int overflow

Posted by GitBox <gi...@apache.org>.

github-actions[bot] commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698083387


   https://issues.apache.org/jira/browse/ARROW-10077


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] emkornfield commented on pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

emkornfield commented on pull request #8253:
URL: https://github.com/apache/arrow/pull/8253#issuecomment-698371159






----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [arrow] pitrou closed pull request #8253: ARROW-10077: [C++] Fix possible integer multiplication overflow

Posted by GitBox <gi...@apache.org>.

pitrou closed pull request #8253:
URL: https://github.com/apache/arrow/pull/8253


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org