Skip to content

Backport 63509 branch 4.1#63741

Open
Gabriel39 wants to merge 5 commits into
apache:branch-4.1from
Gabriel39:backport-63509-branch-4.1
Open

Backport 63509 branch 4.1#63741
Gabriel39 wants to merge 5 commits into
apache:branch-4.1from
Gabriel39:backport-63509-branch-4.1

Conversation

@Gabriel39
Copy link
Copy Markdown
Contributor

@Gabriel39 Gabriel39 commented May 27, 2026

What problem does this PR solve?

Issue Number: close #xxx

Related PR: #xxx

Problem Summary:

Release note

None

Check List (For Author)

  • Test

    • Regression test
    • Unit Test
    • Manual test (add detailed scripts or steps below)
    • No need to test or manual test. Explain why:
      • This is a refactor/code format and no logic has been changed.
      • Previous test can cover this change.
      • No code files have been changed.
      • Other reason

  • Behavior changed:

    • No.
    • Yes.

  • Does this need documentation?

    • No.
    • Yes.

Check List (For Reviewer who merge this PR)

  • Confirm the release note
  • Confirm test cases
  • Confirm document
  • Add branch pick label

Gabriel39 added 5 commits May 27, 2026 16:30
@Gabriel39
[fix](parquet) Fix wrong condition
b9e75bd
@Gabriel39
update
87e563a
@Gabriel39
update
a5073b0
@Gabriel39
update
ee8c113
@Gabriel39
[fix](parquet) Guard byte array decoder bounds checks
89d0f3e 
Issue Number: close #xxx

Related PR: #xxx

Problem Summary: Parquet byte array decoders still used addition-based bounds checks for malformed length-prefixed data. The plain decoder could overflow _offset + length before rejecting a value, and the dictionary decoder could decode or copy from truncated pages before validating that enough bytes remained for the length prefix and payload. This change validates remaining bytes with subtraction before decoding or advancing offsets, rejects negative dictionary page lengths, and adds unit coverage for truncated prefixes, truncated payloads, and overflow-sized values.

None

- Test: Manual test
    - Ran git diff --check
    - Could not run build-support/clang-format.sh because llvm@16/clang-format is not installed in this environment
    - Could not run BE UT because run-be-ut.sh requires JDK-17, but this environment only has JDK-11
- Behavior changed: No
- Does this need documentation: No
@Gabriel39 Gabriel39 requested a review from yiguolei as a code owner May 27, 2026 08:38
@hello-stephen
Copy link
Copy Markdown
Contributor

hello-stephen commented May 27, 2026

Thank you for your contribution to Apache Doris.
Don't know what should be done next? See How to process your PR.

Please clearly describe your PR:

  1. What problem was fixed (it's best to include specific error reporting information). How it was fixed.
  2. Which behaviors were modified. What was the previous behavior, what is it now, why was it modified, and what possible impacts might there be.
  3. What features were added. Why was this function added?
  4. Which code was refactored and why was this part of the code refactored?
  5. Which functions were optimized and what is the difference before and after the optimization?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yiguolei yiguolei Awaiting requested review from yiguolei yiguolei is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Gabriel39 @hello-stephen