iemejia commented on code in PR #3854:
URL: https://github.com/apache/avro/pull/3854#discussion_r3567467872


##########
lang/c++/impl/DataFile.cc:
##########
@@ -627,12 +679,25 @@ void DataFileReaderBase::readDataBlock() {
 
             const uint8_t *data;
             size_t len;
+            const size_t maxLength = maxDecompressLength();
             while (ret != Z_STREAM_END && st->next(&data, &len)) {
                 zs.avail_in = static_cast<uInt>(len);
                 zs.next_in = const_cast<Bytef *>(data);
                 do {
                     if (zs.total_out == uncompressed.size()) {
-                        uncompressed.resize(uncompressed.size() + 
zlibBufGrowSize);
+                        // Reject a block that decompresses to more than the
+                        // allowed maximum, before growing the buffer further.
+                        if (uncompressed.size() >= maxLength) {
+                            (void) inflateEnd(&zs);
+                            throw Exception(
+                                "Decompressed block size exceeds the maximum 
allowed of {} bytes",
+                                maxLength);

Review Comment:
   This was addressed in commit 432b7856c5 — the deflate over-limit exception 
now reports the would-be size (`uncompressed.size() + 1`, i.e. at least 
maxLength + 1) alongside the limit: 'Decompressed block size {} exceeds the 
maximum allowed of {} bytes', consistent with the snappy/zstd errors.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to