[
https://issues.apache.org/jira/browse/AVRO-3225?focusedWorklogId=662069&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-662069
]
ASF GitHub Bot logged work on AVRO-3225:
----------------------------------------
Author: ASF GitHub Bot
Created on: 07/Oct/21 23:13
Start Date: 07/Oct/21 23:13
Worklog Time Spent: 10m
Work Description: PSanetra opened a new pull request #1357:
URL: https://github.com/apache/avro/pull/1357
### Jira
- [x] My PR addresses the following [Avro
Jira](https://issues.apache.org/jira/browse/AVRO/) issues and references them
in the PR title.
- AVRO-3225
### Tests
- [x] My PR adds the following unit tests:
`BinaryCodecTests.TestInvalidInputWithNegativeStringLength`
### Commits
- [x] My commits all reference Jira issues in their subject lines. In
addition, my commits follow the guidelines from "[How to write a good git
commit message](https://chris.beams.io/posts/git-commit/)":
1. Subject is separated from body by a blank line
1. Subject is limited to 50 characters (not including Jira issue reference)
1. Subject does not end with a period
1. Subject uses the imperative mood ("add", not "adding")
1. Body wraps at 72 characters
1. Body explains "what" and "why", not "how"
### Documentation
- [x] In case of new functionality, my PR adds documentation that describes
how to use it.
- All the public functions and the classes in the PR contain Javadoc that
explain what it does
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 662069)
Time Spent: 20m (was: 10m)
> StackOverflowException on invalid input for BinaryDecoder.ReadString on
> NetStandard 2.1+
> ----------------------------------------------------------------------------------------
>
> Key: AVRO-3225
> URL: https://issues.apache.org/jira/browse/AVRO-3225
> Project: Apache Avro
> Issue Type: Bug
> Components: csharp
> Reporter: Philip Sanetra
> Priority: Major
> Labels: pull-request-available
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The BinaryDecoder.ReadString() method on NetStandard2.1+ produces a stack
> overflow exception if there is invalid input caused by this code:
>
> {code:java}
> int length = ReadInt();
> Span<byte> buffer = length <= StackallocThreshold ? stackalloc byte[length] :
> (bufferArray = ArrayPool<byte>.Shared.Rent(length)).AsSpan(0,
> length);
> {code}
>
> This code fails if ReadInt() returns a negative value.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
