Joe McDonnell has uploaded a new patch set (#3). Change subject: IMPALA-5172: Buffer overrun for Snappy decompression ......................................................................
IMPALA-5172: Buffer overrun for Snappy decompression When using a preallocated buffer for decompression, a file corruption can lead to the expected decompressed size being smaller than the actual decompressed size. Since we use this for allocating the output buffer, decompression needs to be able to handle a buffer that is too small. Snappy does not properly handle a buffer that is too small and will overrun the buffer. This changes the code to check the decompressed length and return an error if the buffer is not large enough. It also adds a test to verify that this behavior is respected for other compression algorithms. Change-Id: I45b75f61e8c0ae85f9add5b13ac2b161a803d2ba --- M be/src/util/decompress-test.cc M be/src/util/decompress.cc 2 files changed, 54 insertions(+), 3 deletions(-) git pull ssh://gerrit.cloudera.org:29418/Impala-ASF refs/changes/25/6625/3 -- To view, visit http://gerrit.cloudera.org:8080/6625 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newpatchset Gerrit-Change-Id: I45b75f61e8c0ae85f9add5b13ac2b161a803d2ba Gerrit-PatchSet: 3 Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-Owner: Joe McDonnell <[email protected]> Gerrit-Reviewer: Dan Hecht <[email protected]> Gerrit-Reviewer: Joe McDonnell <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]>
