Labels: Type-Defect Priority-Medium
New issue 639 by leonid.g...@gmail.com: Protobuf segfaults on attempt to
serialize a very large object
What steps will reproduce the problem?
1. attempt to serialize message larger than 2.1 Gb
2. Running on RHEL 5. using gcc 4.1.2.
What is the expected output? What do you see instead?
Expect serialization to complete. Instead getting a segfault.
What version of the product are you using? On what operating system?
Checked source code for 2.5.0, which appears to have same issue.
Please provide any additional information below.
problem appears to be in "bool StringOutputStream::Next(void** data, int*
please see suggested patch in attachment.
Problem occurs when size of serialized object grows above 2.1 Gb (2 ^ 31
bytes). In current implementation there is a signed integer that holds "old
int old_size = target_->size();
max(old_size * 2,
kMinimumSize + 0)); // "+ 0" works around GCC4 weirdness.
Thus it is possible that "old_size * 2" becomes negative. And as a result
of that "new size" becomes actually less than original one, which
eventually leads to segfault (on attempt to access 'old_size' element in
reallocated small buffer).
It is a separate question on whether or not it is good design that leads to
such large serialized objects, but I don believe that protobuf library code
should cause segfault.
This actually brings a related question on signature of following methods:
bool Next(void** data, int* size)
void BackUp(int count)
int Skip(int count)
Should not "size" argument be unsigned?
zero_copy_stream_impl_lite.cc.patch 2.0 KB
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
You received this message because you are subscribed to the Google Groups "Protocol
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to email@example.com.
Visit this group at http://groups.google.com/group/protobuf.
For more options, visit https://groups.google.com/d/optout.