Copilot commented on code in PR #50013:
URL: https://github.com/apache/arrow/pull/50013#discussion_r3286667656


##########
cpp/src/parquet/metadata_test.cc:
##########
@@ -731,6 +733,32 @@ TEST(ApplicationVersion, 
VersionNoUnknownBuildInfoPreRelease) {
   ASSERT_EQ("cd-cdh5.5.0", version.version.build_info);
 }
 
+TEST(ApplicationVersion, VersionComponentOverflow) {
+  // Version components in `created_by` are attacker-controlled. std::atoi
+  // exhibits undefined behavior when the converted value overflows int, so
+  // the parser must clamp instead of calling atoi.
+  ApplicationVersion version(
+      "parquet-mr version 99999999999999999999.88888888888888888888."
+      "77777777777777777777 (build abcd)");
+
+  ASSERT_EQ("parquet-mr", version.application_);
+  ASSERT_EQ("abcd", version.build_);
+  ASSERT_EQ(std::numeric_limits<int>::max(), version.version.major);
+  ASSERT_EQ(std::numeric_limits<int>::max(), version.version.minor);
+  ASSERT_EQ(std::numeric_limits<int>::max(), version.version.patch);
+
+  // Boundary cases: INT_MAX is representable, INT_MAX+1 saturates.
+  ApplicationVersion at_max("parquet-mr version 
2147483647.2147483647.2147483647");
+  ASSERT_EQ(std::numeric_limits<int>::max(), at_max.version.major);
+  ASSERT_EQ(std::numeric_limits<int>::max(), at_max.version.minor);
+  ASSERT_EQ(std::numeric_limits<int>::max(), at_max.version.patch);
+
+  ApplicationVersion just_over("parquet-mr version 
2147483648.2147483648.2147483648");
+  ASSERT_EQ(std::numeric_limits<int>::max(), just_over.version.major);
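
Review bot: Every overflowing input in VersionComponentOverflow is a 10- or 20-digit value at or above INT_MAX, so a clamp that merely counts digits would pass these assertions. Add a component with leading zeros, for example `00000000000000000000001.0.0`, and assert it parses to 1. Also add a string that mixes one overflowing component with two small ones, so that each of major, minor and patch is shown to saturate independently.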

Review Comment:
   The boundary-case assertions hardcode 2147483647/2147483648, which assumes 
`int` is 32-bit. To keep this test portable across supported 
platforms/compilers, consider constructing these `created_by` strings from 
`std::numeric_limits<int>::max()` (and `max()+1` using a wider type) instead of 
embedding fixed literals.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
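
A sketch of what the review comment suggests, added here as an illustration and not taken from the PR or from Arrow's parser: the boundary strings are derived from `std::numeric_limits<int>::max()` through a wider type, and a saturating digit parser is checked against them. The names `SaturatingParseInt`, `IntMaxText`, `IntMaxPlusOneText`, `MakeCreatedBy` and `ParseTriple` are hypothetical.

```cpp
#include <array>
#include <cctype>
#include <limits>
#include <string>

// Hypothetical helper, not Arrow's parser: read a leading run of decimal
// digits and saturate at INT_MAX instead of overflowing.
int SaturatingParseInt(const std::string& s) {
  constexpr int kMax = std::numeric_limits<int>::max();
  int value = 0;
  for (char c : s) {
    if (!std::isdigit(static_cast<unsigned char>(c))) break;
    const int digit = c - '0';
    // value * 10 + digit > kMax, tested without performing the overflow.
    if (value > (kMax - digit) / 10) return kMax;
    value = value * 10 + digit;
  }
  return value;
}

// Boundary inputs derived from the platform's int width, no fixed literals.
std::string IntMaxText() {
  return std::to_string(std::numeric_limits<int>::max());
}
std::string IntMaxPlusOneText() {
  static_assert(sizeof(long long) > sizeof(int), "needs a type wider than int");
  return std::to_string(static_cast<long long>(std::numeric_limits<int>::max()) + 1);
}

// Constructed created_by string in the shape the test uses.
std::string MakeCreatedBy(const std::string& component) {
  return "parquet-mr version " + component + "." + component + "." + component;
}

// Hypothetical toy extraction of major.minor.patch after " version ".
std::array<int, 3> ParseTriple(const std::string& created_by) {
  std::array<int, 3> out{{0, 0, 0}};
  const std::string marker = " version ";
  std::size_t pos = created_by.find(marker);
  if (pos == std::string::npos) return out;
  pos += marker.size();
  for (int& component : out) {
    component = SaturatingParseInt(created_by.substr(pos));
    pos = created_by.find('.', pos);
    if (pos == std::string::npos) break;
    ++pos;
  }
  return out;
}
```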