github-code-scanning[bot] commented on code in PR #14563:
URL: https://github.com/apache/druid/pull/14563#discussion_r1258934974
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an underflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5251)
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
+ startOffset = theBuffer.getInt(headerOffset + headerPosition) +
Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset + headerPosition +
Integer.BYTES);
+ }
+ return copyBufferAndGet(theBuffer, valuesOffset + startOffset,
valuesOffset + endOffset);
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an overflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5254)
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
+ startOffset = theBuffer.getInt(headerOffset + headerPosition) +
Integer.BYTES;
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an overflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5252)
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
+ startOffset = theBuffer.getInt(headerOffset + headerPosition) +
Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset + headerPosition +
Integer.BYTES);
+ }
+ return copyBufferAndGet(theBuffer, valuesOffset + startOffset,
valuesOffset + endOffset);
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an overflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5255)
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
+ startOffset = theBuffer.getInt(headerOffset + headerPosition) +
Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset + headerPosition +
Integer.BYTES);
+ }
+ return copyBufferAndGet(theBuffer, valuesOffset + startOffset,
valuesOffset + endOffset);
+ }
- this.theBuffer = buffer;
- this.strategy = strategy;
- this.allowReverseLookup = allowReverseLookup;
- size = theBuffer.getInt();
+ @Override
+ public BufferIndexed singleThreaded()
+ {
+ final ByteBuffer copyBuffer = theBuffer.asReadOnlyBuffer();
+ return new BufferIndexed()
+ {
+ @Nullable
+ @Override
+ protected ByteBuffer getByteBuffer(final int index)
+ {
+ checkIndex(index);
+
+ final int startOffset;
+ final int endOffset;
+
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an underflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an underflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5256)
##########
processing/src/main/java/org/apache/druid/segment/data/GenericIndexed.java:
##########
@@ -238,75 +232,243 @@
return numberOfFilesRequired;
}
+ protected final ObjectStrategy<T> strategy;
+ protected final boolean allowReverseLookup;
+ protected final int size;
- private final boolean versionOne;
+ public GenericIndexed(
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup,
+ final int size
+ )
+ {
+ this.strategy = strategy;
+ this.allowReverseLookup = allowReverseLookup;
+ this.size = size;
+ }
- private final ObjectStrategy<T> strategy;
- private final boolean allowReverseLookup;
- private final int size;
- private final ByteBuffer headerBuffer;
+ public abstract BufferIndexed singleThreaded();
- private final ByteBuffer firstValueBuffer;
+ @Override
+ public abstract long getSerializedSize();
+
+ private static final class V1<T> extends GenericIndexed<T>
+ {
+ @SuppressWarnings("rawtypes")
+ private static final MetaSerdeHelper<GenericIndexed.V1> META_SERDE_HELPER
= MetaSerdeHelper
+ .firstWriteByte((GenericIndexed.V1 x) -> VERSION_ONE)
+ .writeByte(x -> x.allowReverseLookup ? REVERSE_LOOKUP_ALLOWED :
REVERSE_LOOKUP_DISALLOWED)
+ .writeInt(x -> Ints.checkedCast(x.theBuffer.remaining() + (long)
Integer.BYTES))
+ .writeInt(x -> x.size);
+
+ private final ByteBuffer theBuffer;
+ private final int headerOffset;
+ private final int valuesOffset;
+
+ V1(
+ final ByteBuffer buffer,
+ final ObjectStrategy<T> strategy,
+ final boolean allowReverseLookup
+ )
+ {
+ super(strategy, allowReverseLookup, buffer.getInt());
+ this.theBuffer = buffer;
+ this.headerOffset = theBuffer.position();
+ this.valuesOffset = theBuffer.position() + size * Integer.BYTES;
+ }
- private final ByteBuffer[] valueBuffers;
- private int logBaseTwoOfElementsPerValueFile;
- private int relativeIndexMask;
+ @Nullable
+ @Override
+ public T get(int index)
+ {
+ checkIndex(index);
- @Nullable
- private final ByteBuffer theBuffer;
+ final int startOffset;
+ final int endOffset;
- /**
- * Constructor for version one.
- */
- GenericIndexed(
- ByteBuffer buffer,
- ObjectStrategy<T> strategy,
- boolean allowReverseLookup
- )
- {
- this.versionOne = true;
+ if (index == 0) {
+ startOffset = Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset);
+ } else {
+ int headerPosition = (index - 1) * Integer.BYTES;
+ startOffset = theBuffer.getInt(headerOffset + headerPosition) +
Integer.BYTES;
+ endOffset = theBuffer.getInt(headerOffset + headerPosition +
Integer.BYTES);
Review Comment:
## User-controlled data in arithmetic expression
This arithmetic expression depends on a [user-provided value](1),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](2),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](3),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](4),
potentially causing an overflow.
This arithmetic expression depends on a [user-provided value](5),
potentially causing an overflow.
[Show more
details](https://github.com/apache/druid/security/code-scanning/5253)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
