hive-issues mailing list archives

From "Prasanth Jayachandran (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-13397) ORC CompressedStream.read implementation not compatible with SerializationUtils in exceptional case
Date Fri, 01 Apr 2016 03:54:25 GMT

    [ https://issues.apache.org/jira/browse/HIVE-13397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15221109#comment-15221109 ]

Prasanth Jayachandran commented on HIVE-13397:
----------------------------------------------

2.0.1 should have the fix, which should be out in a few weeks. I don't have the exact timeline
for 2.0.1.

> ORC CompressedStream.read implementation not compatible with SerializationUtils in exceptional case
> ---------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-13397
>                 URL: https://issues.apache.org/jira/browse/HIVE-13397
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Yuxing Yao
>
> I used an ORC file with some bytes corrupted to test whether the reader is vulnerable to attacks. And I found there's a point in CompressedStream not acting correctly when handling the exceptional case, which will cause an infinite loop.
> In
> org.apache.hadoop.hive.ql.io.orc.InStream$CompressedStream.read(byte[] data, int offset, int length)
> when the data is incorrect, it will return -1 to mark that it is an exceptional case (not throwing an exception, which is the right behavior for this buffered read),
> and in
> SerializationUtils.readLongBE(InStream in, long[] buffer, int start, int numHops, int numBytes)
>     // bulk read to buffer
>     int bytesRead = in.read(readBuffer, 0, toRead);
>     while (bytesRead != toRead) {
>       bytesRead += in.read(readBuffer, bytesRead, toRead - bytesRead);
>     }
> it does not check the -1 return value and adds it to bytesRead directly, which causes the infinite loop.
> Either changing the read to throw an exception or adding a -1 check here can fix this.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
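
The -1 check proposed in the quoted report, as an added example that is not part of the original message and is not Hive's code or the committed fix. The class name BoundedBulkRead, the helper readFully and the sample byte arrays are assumptions made for illustration; a plain java.io.InputStream stands in for ORC's InStream.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;

public class BoundedBulkRead {
    // Hypothetical helper (not Hive's code): fill buf[0..toRead) or fail.
    static void readFully(InputStream in, byte[] buf, int toRead) throws IOException {
        int bytesRead = 0;
        while (bytesRead < toRead) {
            int n = in.read(buf, bytesRead, toRead - bytesRead);
            if (n < 0) {
                // -1 signals that no more data is available. Adding it to
                // bytesRead, as the quoted loop does, moves the counter away
                // from toRead, so the loop condition is never satisfied.
                throw new EOFException("stream ended after " + bytesRead
                        + " of " + toRead + " bytes");
            }
            bytesRead += n;
        }
    }

    public static void main(String[] args) throws IOException {
        byte[] readBuffer = new byte[8];

        // Constructed sample: 3 bytes available where 8 are expected,
        // standing in for a corrupted or truncated stream.
        InputStream truncated = new ByteArrayInputStream(new byte[] {1, 2, 3});
        try {
            readFully(truncated, readBuffer, readBuffer.length);
            System.out.println("read complete");
        } catch (EOFException e) {
            // The reader fails fast instead of spinning on the bad input.
            System.out.println("rejected: " + e.getMessage());
        }

        // Constructed sample: well-formed input with all 8 bytes present.
        readFully(new ByteArrayInputStream(new byte[8]), readBuffer, readBuffer.length);
        System.out.println("full read ok");
    }
}
```

The loop condition also uses < rather than != so that the counter cannot skip past the exit condition.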
