github-advanced-security[bot] commented on code in PR #2741:
URL: https://github.com/apache/avro/pull/2741#discussion_r1494263345


##########
lang/csharp/src/apache/main/Schema/Schema.cs:
##########
@@ -192,9 +192,14 @@
                         return ArraySchema.NewInstance(jtok, props, names, 
encspace);
                     if (type.Equals("map", StringComparison.Ordinal))
                         return MapSchema.NewInstance(jtok, props, names, 
encspace);
-                    if (null != jo["logicalType"]) // logical type based on a 
primitive
-                        return LogicalSchema.NewInstance(jtok, props, names, 
encspace);
-
+                    try
+                    {
+                        if (null != jo["logicalType"]) // logical type based 
on a primitive
+                            return LogicalSchema.NewInstance(jtok, props, 
names, encspace);
+                    }
+                    // swallow exception from unknown logicalType
+                    catch { }

Review Comment:
   ## Generic catch clause
   
   Generic catch clause.
   
   [Show more 
details](https://github.com/apache/avro/security/code-scanning/3184)



##########
lang/csharp/src/apache/test/Util/LogicalTypeTests.cs:
##########
@@ -419,5 +421,58 @@
             var converted = (Guid) 
avroUuid.ConvertToLogicalValue(avroUuid.ConvertToBaseValue(guid, schema), 
schema);
             Assert.AreEqual(guid, converted);
         }
+
+        /*
+            {
+              "fields": [
+                {
+                  "default": 0,
+                  "name": "firstField",
+                  "type": "int"
+                },
+                {
+                  "default": null,
+                  "name": "secondField",
+                  "type": [
+                    "null",
+                    {
+                      "logicalType": "varchar",
+                      "maxLength": 65,
+                      "type": "string"
+                    }
+                  ]
+                }
+              ],
+              "name": "sample_schema",
+              "type": "record"
+            }
+         */
+
+        // Before Change will throw Avro.AvroTypeException: 'Logical type 
'varchar' is not supported.'
+        // Per AVRO Spec (v1.8.0 - v1.11.1) ... Logical Types Section
+        //  Language implementations must ignore unknown logical types when 
reading, and should use the underlying Avro type.
+        [TestCase("{\"fields\": [{\"default\": 0,\"name\": 
\"firstField\",\"type\": \"int\"},{\"default\": null,\"name\": 
\"secondField\",\"type\": [\"null\",{\"logicalType\": 
\"varchar\",\"maxLength\": 65,\"type\": \"string\"}]}],\"name\": 
\"sample_schema\",\"type\": \"record\"}")]
+        public void TestUnknownLogicalType(string schemaText)
+        {
+            var schema = Avro.Schema.Parse(schemaText);
+            Assert.IsNotNull(schema);
+
+            var secondField = ((RecordSchema)schema).Fields.FirstOrDefault(f 
=> f.Name == @"secondField");
+            Assert.IsNotNull(secondField);
+
+            var secondFieldSchema = ((Field)secondField).Schema;

Review Comment:
   ## Cast to same type
   
   This cast is redundant because the expression already has type Field.
   
   [Show more 
details](https://github.com/apache/avro/security/code-scanning/3186)



##########
lang/csharp/src/apache/main/Schema/Schema.cs:
##########
@@ -192,9 +192,14 @@
                         return ArraySchema.NewInstance(jtok, props, names, 
encspace);
                     if (type.Equals("map", StringComparison.Ordinal))
                         return MapSchema.NewInstance(jtok, props, names, 
encspace);
-                    if (null != jo["logicalType"]) // logical type based on a 
primitive
-                        return LogicalSchema.NewInstance(jtok, props, names, 
encspace);
-
+                    try
+                    {
+                        if (null != jo["logicalType"]) // logical type based 
on a primitive
+                            return LogicalSchema.NewInstance(jtok, props, 
names, encspace);
+                    }
+                    // swallow exception from unknown logicalType
+                    catch { }

Review Comment:
   ## Poor error handling: empty catch block
   
   Poor error handling: empty catch block.
   
   [Show more 
details](https://github.com/apache/avro/security/code-scanning/3185)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to