[jira] [Assigned] (ORC-2161) [C++] UnionColumnReader should reject out-of-range union tags

Gang Wu (Jira) Thu, 07 May 2026 00:53:08 -0700


     [ 
https://issues.apache.org/jira/browse/ORC-2161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gang Wu reassigned ORC-2161:
----------------------------


> [C++] UnionColumnReader should reject out-of-range union tags
> -------------------------------------------------------------
>
>                 Key: ORC-2161
>                 URL: https://issues.apache.org/jira/browse/ORC-2161
>             Project: ORC
>          Issue Type: Bug
>            Reporter: Gang Wu
>            Assignee: Gang Wu
>            Priority: Major
>
> The C++ UnionColumnReader trusts union tag bytes decoded from the ORC DATA 
> stream and uses them directly as indexes into per-child count arrays. For 
> malformed ORC files, a union tag value greater than or equal to the number of 
> union children causes out-of-bounds access instead of reporting invalid input.
> This affects:
>  * UnionColumnReader::skip()
>  * UnionColumnReader::nextInternal()
>  * UnionColumnPrinter::printRow() has the same unchecked tag dispatch pattern
> The reader should validate each non-null union tag against 
> type.getSubtypeCount() and throw ParseError when the tag is invalid.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (ORC-2161) [C++] UnionColumnReader should reject out-of-range union tags

Reply via email to