Fix union index out of boundary issue #33022
Closed
HarryLeeIBM wants to merge 3 commits into ClickHouse:master from
| namespace DB | ||
| { | ||
| namespace ErrorCodes |
Member
We should put only used ErrorCodes in .h and in .cpp files.
Contributor
pushed new commit as per your comments.
2ecb426 to 3044483
alexey-milovidov approved these changes Dec 22, 2021
Merged
alexey-milovidov added a commit that referenced this pull request Dec 23, 2021
Member
Merged here: #33022
robot-clickhouse pushed a commit that referenced this pull request Dec 23, 2021
I hereby agree to the terms of the CLA available at: https://yandex.ru/legal/cla/?lang=en
Changelog category:
Changelog entry:
Fixed Apache Avro Union type index out of boundary issue in Apache Avro binary format.
Detailed description / Documentation draft:
ClickHouse supports input and output in the Apache Avro format. When deserializing this data, the file format can specify a series of actions to resolve the schema of the data. While handling a Union action, ClickHouse fails to ensure that the decoded index value is within the bounds of the collection of actions to be performed. An attacker can put an out-of-bound index in a Union type, which can crash ClickHouse.
The fix is to add boundary-checking code to ensure the index is in a safe range; otherwise an exception will be thrown.
The fix also includes a functional test which uses an Avro test file in binary format. The test file is copied from the existing nested_complex.avro, except that it has an incorrect index (2 instead of 1) of the Union type, which would crash ClickHouse without the fix.
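The kind of bounds check the description above refers to, as an added example that is not ClickHouse's code or part of this pull request: it decodes a union branch index from its Avro zigzag varint encoding and rejects it before it can select an action. The names `readAvroLong`, `readUnionBranch`, `rejectsUnionIndex` and `branch_count` are hypothetical, and the input bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <stdexcept>
#include <string>
#include <vector>

// Decode one Avro zigzag varint from buf at pos, advancing pos.
int64_t readAvroLong(const std::vector<uint8_t> & buf, size_t & pos)
{
    uint64_t raw = 0;
    for (int shift = 0; shift < 64; shift += 7)
    {
        if (pos >= buf.size())
            throw std::runtime_error("truncated varint");
        const uint8_t byte = buf[pos++];
        raw |= static_cast<uint64_t>(byte & 0x7F) << shift;
        if (!(byte & 0x80))  // high bit clear: last byte, undo zigzag
            return static_cast<int64_t>(raw >> 1) ^ -static_cast<int64_t>(raw & 1);
    }
    throw std::runtime_error("varint too long");
}

// Read a union branch index and validate it before it is used to pick an action.
// branch_count stands in for the size of the resolver's action collection.
size_t readUnionBranch(const std::vector<uint8_t> & buf, size_t & pos, size_t branch_count)
{
    const int64_t index = readAvroLong(buf, pos);
    if (index < 0 || static_cast<uint64_t>(index) >= branch_count)
        throw std::out_of_range("Union index " + std::to_string(index)
            + " out of boundary, branches: " + std::to_string(branch_count));
    return static_cast<size_t>(index);
}

// True when the encoded index is rejected for a union with branch_count branches.
bool rejectsUnionIndex(const std::vector<uint8_t> & encoded, size_t branch_count)
{
    size_t pos = 0;
    try { readUnionBranch(encoded, pos, branch_count); }
    catch (const std::out_of_range &) { return true; }
    return false;
}

int main()
{
    // Constructed inputs for a two-branch union: zigzag(1)=0x02, zigzag(2)=0x04, zigzag(-1)=0x01.
    std::cout << rejectsUnionIndex({0x02}, 2) << rejectsUnionIndex({0x04}, 2)
              << rejectsUnionIndex({0x01}, 2) << '\n';
}
```

The check covers negative values as well as values past the end, since the index is decoded as a signed integer before it is compared with the branch count.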