Skip to content

Commit

Permalink
Fixes ByteArrayIndexInput::validatePos and adds UT (#10551)
Browse files Browse the repository at this point in the history
* Prevent read beyond slice boundary in ByteArrayIndexInput

Signed-off-by: Paras Jain <parasjaz@amazon.com>

* Fix spotless errors

Signed-off-by: Andrew Ross <andrross@amazon.com>

---------

Signed-off-by: Paras Jain <parasjaz@amazon.com>
Signed-off-by: Andrew Ross <andrross@amazon.com>
Co-authored-by: Paras Jain <parasjaz@amazon.com>
Co-authored-by: Andrew Ross <andrross@amazon.com>
  • Loading branch information
3 people authored Feb 15, 2024
1 parent ad7f00f commit bb0b4b0
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### Fixed
- Fix for deserilization bug in weighted round-robin metadata ([#11679](https://github.com/opensearch-project/OpenSearch/pull/11679))
- Add a system property to configure YamlParser codepoint limits ([#12298](https://github.com/opensearch-project/OpenSearch/pull/12298))
- Prevent read beyond slice boundary in ByteArrayIndexInput ([#10481](https://github.com/opensearch-project/OpenSearch/issues/10481))

### Security

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ public long readLong(long pos) throws IOException {
}

private void validatePos(long pos, int len) throws EOFException {
if (pos < 0 || pos + len > length + offset) {
if (pos < 0 || pos + len > length) {
throw new EOFException("seek past EOF");
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,8 @@

package org.opensearch.common.lucene.store;

import org.apache.lucene.store.IndexInput;

import java.io.EOFException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
Expand Down Expand Up @@ -153,4 +155,34 @@ public void testRandomAccessReads() throws IOException {
// 10001001 00100101 10001001 00110000 11100111 00100100 10110001 00101110
assertEquals(-8564288273245753042L, indexInput.readLong(1));
}

public void testReadBytesWithSlice() throws IOException {
int inputLength = randomIntBetween(100, 1000);

byte[] input = randomUnicodeOfLength(inputLength).getBytes(StandardCharsets.UTF_8);
ByteArrayIndexInput indexInput = new ByteArrayIndexInput("test", input);

int sliceOffset = randomIntBetween(1, inputLength - 10);
int sliceLength = randomIntBetween(2, inputLength - sliceOffset);
IndexInput slice = indexInput.slice("slice", sliceOffset, sliceLength);

// read a byte from sliced index input and verify if the read value is correct
assertEquals(input[sliceOffset], slice.readByte());

// read few more bytes into a byte array
int bytesToRead = randomIntBetween(1, sliceLength - 1);
slice.readBytes(new byte[bytesToRead], 0, bytesToRead);

// now try to read beyond the boundary of the slice, but within the
// boundary of the original IndexInput. We've already read few bytes
// so this is expected to fail
assertThrows(EOFException.class, () -> slice.readBytes(new byte[sliceLength], 0, sliceLength));

// seek to EOF and then try to read
slice.seek(sliceLength);
assertThrows(EOFException.class, () -> slice.readBytes(new byte[1], 0, 1));

slice.close();
indexInput.close();
}
}

0 comments on commit bb0b4b0

Please sign in to comment.