Quanlong Huang created ORC-403: ---------------------------------- Summary: Should check PostScript length before serializing it Key: ORC-403 URL: https://issues.apache.org/jira/browse/ORC-403 Project: ORC Issue Type: Bug Components: C++ Reporter: Quanlong Huang Assignee: Quanlong Huang
A malformed ORC file may have a postscript length larger than the file size, which causes orc:: readPostscript to read unexpected data. {code} std::unique_ptr<proto::PostScript> postscript = std::unique_ptr<proto::PostScript>(new proto::PostScript()); if (!postscript->ParseFromArray(ptr + readSize - 1 - postscriptSize, static_cast<int>(postscriptSize))) { throw ParseError("Failed to parse the postscript from " + stream->getName()); } {code} We should make sure readSize - 1 - postscriptSize >= 0. -- This message was sent by Atlassian JIRA (v7.6.3#76005)