mrhhsg opened a new pull request, #63359:
URL: https://github.com/apache/doris/pull/63359

   ### What problem does this PR solve?
   
   Issue Number: DORIS-25577
   
   Problem Summary: `JsonbDocument::checkAndCreateDocument` only validated the top-level JSONB size/type and trusted container payload sizes. A corrupt object body such as an oversized key length could be accepted and later cause out-of-bounds reads.
   
   This PR adds recursive JSONB binary validation for objects, arrays, string/binary payloads, fixed-size values, and nesting depth. `JsonbDocument::createValue` now reuses the checked document creation path. Unit tests cover the Jira object key length overflow case and nested payload size overflow.
   
   ### Release note
   
   Reject corrupt JSONB binary documents during validation.
   
   ### Check List (For Author)
   
   - Test:
       - Unit Test: `./run-be-ut.sh --run --filter=JsonbDocumentTest.*`
       - FE/BE Build: `BUILD_TYPE=ASAN doris-local-regression all -d jsonb_p0 -s test_jsonb_load_and_function` (build stage succeeded)
       - Regression test: `doris-local-regression --offset 29000 --network 10.26.20.3/24 run -d jsonb_p0 -s test_jsonb_load_and_function`
       - Manual test: `./build-support/check-format.sh`
       - Manual test: `./build-support/run-clang-tidy.sh --build-dir be/ut_build_ASAN` (attempted; failed due to existing/toolchain clang-tidy issues: `stddef.h` not found and unmatched `NOLINTEND` in `be/src/core/types.h`)
   - Behavior changed: Yes. Corrupt JSONB binary documents are rejected earlier.
   - Does this need documentation: No
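
The validation pattern described above (every length checked against the bytes the parent container grants, plus a nesting limit), as an added example that is not code from this PR or from Doris. The toy binary layout, `validate_value`, `check_document`, `kMaxDepth` and the sample buffers are constructed for illustration and do not reflect Doris's real JSONB encoding.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Constructed toy layout (NOT Doris's real JSONB encoding), sizes little-endian:
//   0x01 int32  : 4 payload bytes
//   0x02 string : u32 length, then bytes
//   0x03 array  : u32 payload size, then values
//   0x04 object : u32 payload size, then entries of u8 key length, key, value
constexpr int kMaxDepth = 100;  // assumed nesting limit

// Returns the number of bytes the value occupies, or 0 if it is corrupt.
// `avail` is what the enclosing container grants, never a size taken on trust.
size_t validate_value(const uint8_t* p, size_t avail, int depth = 0) {
    if (depth > kMaxDepth || avail < 1) return 0;
    const uint8_t type = p[0];
    if (type == 0x01) return avail >= 5 ? 5 : 0;
    if (type < 0x02 || type > 0x04 || avail < 5) return 0;
    const uint32_t size = p[1] | (p[2] << 8) | (p[3] << 16) | (uint32_t(p[4]) << 24);
    if (size > avail - 5) return 0;  // payload must fit inside the parent
    if (type == 0x02) return 5 + size;
    const uint8_t* cur = p + 5;
    size_t left = size;
    while (left > 0) {
        if (type == 0x04) {
            const size_t key = 1 + size_t(cur[0]);
            if (key >= left) return 0;  // key must leave room for its value
            cur += key;
            left -= key;
        }
        const size_t used = validate_value(cur, left, depth + 1);
        if (used == 0) return 0;
        cur += used;
        left -= used;
    }
    return 5 + size;
}

// A document is valid only if one value covers the whole buffer exactly.
bool check_document(const std::vector<uint8_t>& buf) {
    const size_t used = validate_value(buf.data(), buf.size());
    return used != 0 && used == buf.size();
}

// Constructed samples: {"a": 7}, and the same bytes with key length set to 200.
const std::vector<uint8_t> kGoodObject = {0x04, 7, 0, 0, 0, 1, 'a', 0x01, 7, 0, 0, 0};
const std::vector<uint8_t> kBadKeyLen = {0x04, 7, 0, 0, 0, 200, 'a', 0x01, 7, 0, 0, 0};

int main() { return (check_document(kGoodObject) && !check_document(kBadKeyLen)) ? 0 : 1; }
```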
   

