[
https://issues.apache.org/jira/browse/PARQUET-1997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17299049#comment-17299049
]
Antoine Pitrou commented on PARQUET-1997:
-----------------------------------------
Hmm, you're right, I had overlooked that. But what point is there in returning
the encrypted length from {{Encrypt()}} then?
> [C++] AesEncryptor and AesDecryptor primitives are unsafe
> ---------------------------------------------------------
>
> Key: PARQUET-1997
> URL: https://issues.apache.org/jira/browse/PARQUET-1997
> Project: Parquet
> Issue Type: Bug
> Components: parquet-cpp
> Reporter: Antoine Pitrou
> Priority: Major
>
> {{AesEncryptor::Encrypt}}, {{AesDecryptor::Decrypt}} take a pointer to the
> output buffer but without the output buffer length. The caller is required to
> guess the expected output length. The functions also return the written
> output length, but at this point it's too late: data may have been written
> out of bounds.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
