[
https://issues.apache.org/jira/browse/PARQUET-1997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17299041#comment-17299041
]
Gidon Gershinsky commented on PARQUET-1997:
-------------------------------------------
[~apitrou] This point is addressed by the _int
AesEncryptor::CiphertextSizeDelta()_ function - the caller uses it to allocate
the output buffer. This is not a part of public Parquet API; the caller is the
parquet code.
> [C++] AesEncryptor and AesDecryptor primitives are unsafe
> ---------------------------------------------------------
>
> Key: PARQUET-1997
> URL: https://issues.apache.org/jira/browse/PARQUET-1997
> Project: Parquet
> Issue Type: Bug
> Components: parquet-cpp
> Reporter: Antoine Pitrou
> Priority: Major
>
> {{AesEncryptor::Encrypt}}, {{AesDecryptor::Decrypt}} take a pointer to the
> output buffer but without the output buffer length. The caller is required to
> guess the expected output length. The functions also return the written
> output length, but at this point it's too late: data may have been written
> out of bounds.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
