Skip to content

Fix buffer overflow in unbin#66106

Merged
nickitat merged 1 commit intomasterfrom
fix_unbin
Jul 5, 2024
Merged

Fix buffer overflow in unbin#66106
nickitat merged 1 commit intomasterfrom
fix_unbin

Conversation

@nickitat
Copy link
Copy Markdown
Member

@nickitat nickitat commented Jul 4, 2024
edited
Loading

Changelog category (leave one):

  • Bug Fix (user-visible misbehavior in an official stable release)

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

Fixed buffer overflow bug in unbin/unhex implementation.

Fixes: #66027

CI Settings (Only check the boxes if you know what you are doing):

  • Allow: All Required Checks
  • Allow: Stateless tests
  • Allow: Stateful tests
  • Allow: Integration Tests
  • Allow: Performance tests
  • Allow: All Builds
  • Allow: batch 1, 2 for multi-batch jobs
  • Allow: batch 3, 4, 5, 6 for multi-batch jobs
  • Exclude: Style check
  • Exclude: Fast test
  • Exclude: All with ASAN
  • Exclude: All with TSAN, MSAN, UBSAN, Coverage
  • Exclude: All with aarch64, release, debug
  • Do not test
  • Woolen Wolfdog
  • Upload binaries for special builds
  • Disable merge-commit
  • Disable CI cache

@robot-ch-test-poll3 robot-ch-test-poll3 added the pr-bugfix Pull request with bugfix, not backported by default label Jul 4, 2024
@robot-clickhouse-ci-1
Copy link
Copy Markdown
Contributor

robot-clickhouse-ci-1 commented Jul 4, 2024
edited by robot-ch-test-poll
Loading

This is an automated comment for commit ad23d21 with description of existing statuses. It's updated for the latest CI running

❌ Click here to open a full report in a separate page

Check nameDescriptionStatus
Stateless testsRuns stateless functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc❌ failure
Stress testRuns stateless functional tests concurrently from several clients to detect concurrency-related errors❌ failure
Upgrade checkRuns stress tests on server version from last release and then tries to upgrade it to the version from the PR. It checks if the new server can successfully startup without any errors, crashes or sanitizer asserts❌ failure
Successful checks
Check nameDescriptionStatus
AST fuzzerRuns randomly generated queries to catch program errors. The build type is optionally given in parenthesis. If it fails, ask a maintainer for help✅ success
BuildsThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS✅ success
ClickBenchRuns [ClickBench](https://github.com/ClickHouse/ClickBench/) with instant-attach table✅ success
Compatibility checkChecks that clickhouse binary runs on distributions with old libc versions. If it fails, ask a maintainer for help✅ success
Docker keeper imageThe check to build and optionally push the mentioned image to docker hub✅ success
Docker server imageThe check to build and optionally push the mentioned image to docker hub✅ success
Docs checkBuilds and tests the documentation✅ success
Fast testNormally this is the first check that is ran for a PR. It builds ClickHouse and runs most of stateless functional tests, omitting some. If it fails, further checks are not started until it is fixed. Look at the report to see which tests fail, then reproduce the failure locally as described here✅ success
Flaky testsChecks if new added or modified tests are flaky by running them repeatedly, in parallel, with more randomization. Functional tests are run 100 times with address sanitizer, and additional randomization of thread scheduling. Integration tests are run up to 10 times. If at least once a new test has failed, or was too long, this check will be red. We don't allow flaky tests, read the doc✅ success
Install packagesChecks that the built packages are installable in a clear environment✅ success
Integration testsThe integration tests report. In parenthesis the package type is given, and in square brackets are the optional part/total tests✅ success
Performance ComparisonMeasure changes in query performance. The performance test report is described in detail here. In square brackets are the optional part/total tests✅ success
Stateful testsRuns stateful functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc✅ success
Style checkRuns a set of checks to keep the code style clean. If some of tests failed, see the related log from the report✅ success
Unit testsRuns the unit tests for different release types✅ success

@alexey-milovidov alexey-milovidov added the pr-must-backport Pull request should be backported intentionally. Use this label with great care! label Jul 4, 2024
@alexey-milovidov alexey-milovidov self-assigned this Jul 4, 2024
@nickitat nickitat added this pull request to the merge queue Jul 5, 2024
Merged via the queue into master with commit 76119a4 Jul 5, 2024
@nickitat nickitat deleted the fix_unbin branch July 5, 2024 16:22
@robot-ch-test-poll3 robot-ch-test-poll3 added the pr-synced-to-cloud The PR is synced to the cloud repo label Jul 5, 2024
@robot-ch-test-poll1 robot-ch-test-poll1 mentioned this pull request Jul 5, 2024
Merged
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Backport #66106 to 23.8: Fix buffer overflow in unbin
fe9040e
This was referenced Jul 5, 2024
Closed
Merged
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Backport #66106 to 24.3: Fix buffer overflow in unbin
f563332
This was referenced Jul 5, 2024
Merged
Merged
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Backport #66106 to 24.4: Fix buffer overflow in unbin
547fdcc
This was referenced Jul 5, 2024
Merged
Merged
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Backport #66106 to 24.5: Fix buffer overflow in unbin
ed7dcc4
This was referenced Jul 5, 2024
Merged
Merged
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Backport #66106 to 24.6: Fix buffer overflow in unbin
2d5af08
@robot-ch-test-poll1 robot-ch-test-poll1 mentioned this pull request Jul 5, 2024
Merged
@robot-clickhouse-ci-2 robot-clickhouse-ci-2 added the pr-backports-created Backport PRs are successfully created, it won't be processed by CI script anymore label Jul 5, 2024
@robot-ch-test-poll1 robot-ch-test-poll1 added the pr-backports-created-cloud deprecated label, NOOP label Jul 5, 2024
robot-clickhouse-ci-1 added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse-ci-1
Merge pull request #66157 from ClickHouse/backport/24.6/66106
80ef33f 
Backport #66106 to 24.6: Fix buffer overflow in `unbin`
robot-ch-test-poll2 added a commit that referenced this pull request Jul 5, 2024
@robot-ch-test-poll2
Merge pull request #66155 from ClickHouse/backport/24.5/66106
db5e113 
Backport #66106 to 24.5: Fix buffer overflow in `unbin`
robot-clickhouse added a commit that referenced this pull request Jul 5, 2024
@robot-clickhouse
Merge pull request #66151 from ClickHouse/backport/24.3/66106
2153da8 
Backport #66106 to 24.3: Fix buffer overflow in `unbin`
robot-ch-test-poll3 added a commit that referenced this pull request Jul 5, 2024
@robot-ch-test-poll3
Merge pull request #66153 from ClickHouse/backport/24.4/66106
f8de91f 
Backport #66106 to 24.4: Fix buffer overflow in `unbin`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexey-milovidov alexey-milovidov alexey-milovidov approved these changes

Assignees

@alexey-milovidov alexey-milovidov

Labels

pr-backports-created Backport PRs are successfully created, it won't be processed by CI script anymore pr-backports-created-cloud deprecated label, NOOP pr-bugfix Pull request with bugfix, not backported by default pr-must-backport Pull request should be backported intentionally. Use this label with great care! pr-synced-to-cloud The PR is synced to the cloud repo

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

MemorySanitizer: use-of-uninitialized-value in StringHashTable in Aggregator

6 participants

@nickitat @robot-clickhouse-ci-1 @alexey-milovidov @robot-ch-test-poll1 @robot-ch-test-poll3 @robot-clickhouse-ci-2