Fix client v2 varint overflow#2894
Conversation
|
Repository collaborators can run the JMH benchmark suite against this PR by commenting: Optional regression threshold override (Δ% on Time or Alloc/op; defaults to 10%): Only one benchmark run per PR is active at a time — issuing a new |
|
Thank you for the contribution! We will review the PR. Thanks! |
| int value = 0; | ||
|
|
||
| for (int i = 0; i < 10; i++) { | ||
| for (int i = 0; i < 5; i++) { |
There was a problem hiding this comment.
what var int could be in data from server?
problem may be we need to adjust using 64-bit varint.
There was a problem hiding this comment.
Please find more details in the issue: #2902.
The tests in this PR demonstrate two cases that are currently decoded incorrectly:
- Overflow:
80 80 80 80 08, - Overlong encoding:
80 80 80 80 80 01.
I agree that if any of these readers are expected to decode protocol-level 64-bit varints, then introducing a dedicated long-returning reader (and updating the relevant call sites) would be a better long-term solution. My goal in this PR was to make the current int-returning implementation fail explicitly instead of silently returning a corrupted value.
Summary
Fixes
BinaryStreamReader.readVarIntinclient-v2so malformed or overflowing varints are rejected instead of being decoded into corrupted or negativeintvalues.The previous implementation accumulated into an
intwhile looping up to 10 bytes. For bytes after the 5th, Java masksintshift distances modulo 32, so overlong varints could corrupt lower bits. It also allowed 5-byte values aboveInteger.MAX_VALUE, which can become negative sizes/counts.This PR covers one of the cases described in the issue #2902.
Changes
readVarIntdecoding to 5 bytes.intrange or continue past 5 bytes.Integer.MAX_VALUEInteger.MAX_VALUECompatibility
This changes handling of malformed/overflowing binary varints from silent decoding to
IOException. Valid non-negativeintvarints are unchanged.Testing
mvn -Duser.timezone=UTC -pl client-v2 -am -Dtest=BinaryStreamReaderTests -Dsurefire.failIfNoSpecifiedTests=false testmvn -Duser.timezone=UTC -DskipITs clean verifyChecklist