You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@arrow.apache.org by "Ziru Niu (Jira)" <ji...@apache.org> on 2020/11/23 04:54:00 UTC
[jira] [Updated] (ARROW-10692) Segfault while array buffer append
[ https://issues.apache.org/jira/browse/ARROW-10692?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ziru Niu updated ARROW-10692:
-----------------------------
Description:
{quote}// src/buffer.rs:657
/// Ensures that this buffer has at least `capacity` slots in this buffer. This will
/// also ensure the new capacity will be a multiple of 64 bytes.
///
/// Returns the new capacity for this buffer.
pub fn reserve(&mut self, capacity: usize) -> Result<usize> {
if capacity > self.capacity {
let new_capacity = bit_util::round_upto_multiple_of_64(capacity);
let new_capacity = cmp::max(new_capacity, self.capacity * 2);
let new_data =
unsafe \{ memory::reallocate(self.data, self.capacity, new_capacity) };
self.data = new_data as *mut u8;
self.capacity = new_capacity;
}
Ok(self.capacity)
}{quote}
Above code is not checking if new_data is null, which is causing segfault on following memcpy when reallocate failed.
was:
{quote}// src/buffer.rs:657
/// Ensures that this buffer has at least `capacity` slots in this buffer. This will
/// also ensure the new capacity will be a multiple of 64 bytes.
///
/// Returns the new capacity for this buffer.
pub fn reserve(&mut self, capacity: usize) -> Result<usize> {
if capacity > self.capacity {
let new_capacity = bit_util::round_upto_multiple_of_64(capacity);
let new_capacity = cmp::max(new_capacity, self.capacity * 2);
let new_data =
unsafe \{ memory::reallocate(self.data, self.capacity, new_capacity) };
self.data = new_data as *mut u8;
self.capacity = new_capacity;
}
Ok(self.capacity)
}{quote}
Above code is not checking if new_data is null, which is causing segfault on following memcpy when reallocate failed.
Summary: Segfault while array buffer append (was: Segfault in )
> Segfault while array buffer append
> ----------------------------------
>
> Key: ARROW-10692
> URL: https://issues.apache.org/jira/browse/ARROW-10692
> Project: Apache Arrow
> Issue Type: Bug
> Components: Rust
> Affects Versions: 2.0.0
> Environment: Ubuntu 20.04. rustc-nightly,
> Reporter: Ziru Niu
> Priority: Blocker
>
> {quote}// src/buffer.rs:657
>
> /// Ensures that this buffer has at least `capacity` slots in this buffer. This will
> /// also ensure the new capacity will be a multiple of 64 bytes.
> ///
> /// Returns the new capacity for this buffer.
> pub fn reserve(&mut self, capacity: usize) -> Result<usize> {
> if capacity > self.capacity {
> let new_capacity = bit_util::round_upto_multiple_of_64(capacity);
> let new_capacity = cmp::max(new_capacity, self.capacity * 2);
> let new_data =
> unsafe \{ memory::reallocate(self.data, self.capacity, new_capacity) };
> self.data = new_data as *mut u8;
> self.capacity = new_capacity;
> }
> Ok(self.capacity)
> }{quote}
>
> Above code is not checking if new_data is null, which is causing segfault on following memcpy when reallocate failed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)