lucasbru commented on code in PR #22514:
URL: https://github.com/apache/kafka/pull/22514#discussion_r3394691598
##########
clients/src/main/java/org/apache/kafka/common/serialization/ListDeserializer.java:
##########
@@ -153,8 +153,8 @@ private List<Integer> deserializeNullIndexList(final
DataInputStream dis, final
if (nullIndexListSize < 0) {
throw new SerializationException("Corrupted byte[]. The number of
null list entries cannot be negative.");
}
- if (nullIndexListSize > length) {
- throw new SerializationException("Corrupted byte[]. The number of
null list entries cannot be larger than overall number of bytes.");
+ if (nullIndexListSize > length / primitiveSize) {
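Review bot: the new bound on the `+` line divides by `primitiveSize` with no guard visible in this hunk that it is non-null and non-zero, so on a corrupted payload the check itself can fail with an unboxing NPE or an ArithmeticException instead of the intended SerializationException. The method returns `List<Integer>`, so the null-index entries are presumably fixed-width ints; bounding by `length / Integer.BYTES` would remove the dependency on `primitiveSize`, and otherwise `primitiveSize` should be validated before this line. The replacement exception message is cut off here; it should describe the new per-entry bound rather than the "overall number of bytes" wording of the removed line.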
Review Comment:
I think the scenario still stands, just at a different spot. If a corrupted
payload has the CONSTANT_SIZE flag but the inner serde is variable-length
(primitiveSize == null), the null-index check is now fine with Integer.BYTES,
but readEntrySize still does `return primitiveSize;` for CONSTANT_SIZE, which
unboxes null -> NPE (and it's not caught, only IOException is). Reachable once
size > 0. Might be worth guarding primitiveSize == null with a
SerializationException.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.