[
https://issues.apache.org/jira/browse/AVRO-3617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17600206#comment-17600206
]
Kalle Niemitalo commented on AVRO-3617:
---------------------------------------
[~clesaec], I have not built the Avro library for C++ and I don't know what
warnings the C++ compiler might report. I filed this issue about risks found by
reading the source code as described in
[https://github.com/apache/avro/pull/1836#issuecomment-1225313705].
> [C++] Integer overflow risks with Validator::count_ and Validator::counters_
> ----------------------------------------------------------------------------
>
> Key: AVRO-3617
> URL: https://issues.apache.org/jira/browse/AVRO-3617
> Project: Apache Avro
> Issue Type: Bug
> Components: c++
> Reporter: Kalle Niemitalo
> Priority: Minor
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> In Validator, there seems to be some inconsistency with {{std::vector<size_t>
> counters_}} and {{int64_t count_}}:
> - Validator::countingSetup converts int64_t to size_t:
> {{counters_.push_back(static_cast<size_t>(count_));}}
> - Validator::countingAdvance converts size_t to int: {{int count =
> --counters_.back();}}
> - Validator::unionAdvance converts size_t to int64_t: {{if (count_ <
> static_cast<int64_t>(node->leaves()))}}
> - Validator::unionAdvance converts int64_t to int and that to size_t:
> {{setupOperation(node->leafAt(static_cast<int>(count_)));}}
> I did not verify whether these integers can actually grow so high that
> overflow is possible. Nevertheless, it would be safest to use integer types
> consistently.
> (Originally posted as
> [https://github.com/apache/avro/pull/1836#issuecomment-1225303643].)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
