Pranay Singh has posted comments on this change. ( http://gerrit.cloudera.org:8080/8936 )
Change subject: IMPALA-3833: Fix invalid data handling in Sequence and RCFile scanners ...................................................................... Patch Set 2: (4 comments) http://gerrit.cloudera.org:8080/#/c/8936/2/be/src/exec/hdfs-rcfile-scanner.cc File be/src/exec/hdfs-rcfile-scanner.cc: http://gerrit.cloudera.org:8080/#/c/8936/2/be/src/exec/hdfs-rcfile-scanner.cc@177 PS2, Line 177: ss << "Codec bad, corrupted "; > Can you include a bit more detail, i.e. mention that it's RCFile and includ Done http://gerrit.cloudera.org:8080/#/c/8936/2/be/src/exec/hdfs-rcfile-scanner.cc@337 PS2, Line 337: ss << "Invalid bytes read col_idx: " << col_idx; > This could also do with a bit more detail. Added more detail to describe the error http://gerrit.cloudera.org:8080/#/c/8936/2/be/src/exec/hdfs-rcfile-scanner.cc@344 PS2, Line 344: void HdfsRCFileScanner::GetCurrentKeyBuffer(int col_idx, bool skip_col_data, > How does this avoid buffer overflows if we don't pass in the length of the Added length of the buffer and DCHECK to prevent reading beyond the buffer size. http://gerrit.cloudera.org:8080/#/c/8936/2/be/src/exec/hdfs-rcfile-scanner.cc@348 PS2, Line 348: GetVInt > These GetVInt() and GetVLong() interfaces seems fundamentally unsafe - they Changed all callers of GetVInt/GetVLong to pass length of the buffer which can be used to check out of bound access. -- To view, visit http://gerrit.cloudera.org:8080/8936 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ic9cfc38af3f30c65ada9734eb471dbfa6ecdd74a Gerrit-Change-Number: 8936 Gerrit-PatchSet: 2 Gerrit-Owner: Pranay Singh Gerrit-Reviewer: Pranay Singh Gerrit-Reviewer: Tim Armstrong <tarmstr...@cloudera.com> Gerrit-Reviewer: anujphadke <apha...@cloudera.com> Gerrit-Comment-Date: Tue, 16 Jan 2018 21:10:18 +0000 Gerrit-HasComments: Yes