[
https://issues.apache.org/jira/browse/IMPALA-14666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18051441#comment-18051441
]
ASF subversion and git services commented on IMPALA-14666:
----------------------------------------------------------
Commit a146d91aa7b5ef9e32c59b453e985333721bf799 in impala's branch
refs/heads/master from Peter Rozsa
[ https://gitbox.apache.org/repos/asf?p=impala.git;h=a146d91aa ]
IMPALA-14666: Fix invalid input handling for aes_decrypt
aes_decrypt with AES_128_GCM and AES_256_GCM modes subtracts the AES
block size from the length of the input that causes negative numbers
if the input text is shorter than the block size. This change adds a
check for GCM mode and reports an error if the input is shorter than
the block size.
Tests:
- new test cases added to encryption_exprs_errors.test
Change-Id: I8e23c2682b851082479a52d754b74f35fe0734c7
Reviewed-on: http://gerrit.cloudera.org:8080/23839
Reviewed-by: Impala Public Jenkins <[email protected]>
Tested-by: Impala Public Jenkins <[email protected]>
> Invalid input causes crash in aes_decrypt
> -----------------------------------------
>
> Key: IMPALA-14666
> URL: https://issues.apache.org/jira/browse/IMPALA-14666
> Project: IMPALA
> Issue Type: Bug
> Components: Backend
> Reporter: Peter Rozsa
> Assignee: Peter Rozsa
> Priority: Major
>
> Invalid, smaller than 16-byte-long strings cause a crash for AES_128_GCM mode.
> Reproduction:
> select aes_decrypt("a",'1234567890123456','AES_128_GCM','1234567890123456');
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
