iemejia commented on code in PR #3851:
URL: https://github.com/apache/avro/pull/3851#discussion_r3567383862
##########
lang/ruby/lib/avro/data_file.rb:
##########
@@ -339,6 +372,18 @@ def codec_name; 'snappy'; end
def decompress(data)
load_snappy!
+ # The Snappy block header declares the uncompressed length as a varint;
+ # reject an over-large block before allocating for it.
+ limit = DataFile.max_decompress_length
+ declared = self.class.snappy_declared_length(data)
+ # Fail closed: a block whose length header cannot be parsed is
malformed
+ # and must not be handed to the decompressor with the guard bypassed.
+ if declared.nil?
+ raise DataFileError, "Snappy block has an unparseable length header"
+ end
+ if declared > limit
+ raise DecompressionSizeError, "Decompressed block size exceeds the
maximum allowed of #{limit} bytes"
+ end
crc32 = data.slice(-4..-1).unpack('N').first
uncompressed = Snappy.inflate(data.slice(0..-5))
Review Comment:
Fixed — the CRC32 trailer is only read when `data.bytesize >= 4`; a shorter
buffer falls through to the legacy no-checksum path (`Snappy.inflate(data)`)
instead of raising NoMethodError on a nil slice.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]