From d07955ce50e5ce501f488c86b6733457484a5b4a Mon Sep 17 00:00:00 2001
From: Akira Ajisaka <aajisaka@apache.org>
Date: Thu, 22 Jul 2021 10:31:32 +0900
Subject: [PATCH] Fix potential heap buffer overflow in hdfs.c. Contributed by
 Igor Chervatyuk.

(cherry picked from commit 4972e7a246f4aab665fd04ce72d1848bc5da9d4e)
---
 .../src/main/native/libhdfs/hdfs.c                         | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfs/hdfs.c b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfs/hdfs.c
index e3cd5806edb3b..b42b4a6d51473 100644
--- a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfs/hdfs.c
+++ b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfs/hdfs.c
@@ -890,9 +890,14 @@ struct hdfsStreamBuilder {
 struct hdfsStreamBuilder *hdfsStreamBuilderAlloc(hdfsFS fs,
                                             const char *path, int flags)
 {
-    int path_len = strlen(path);
+    size_t path_len = strlen(path);
     struct hdfsStreamBuilder *bld;
 
+    // Check for overflow in path_len
+    if (path_len > SIZE_MAX - sizeof(struct hdfsStreamBuilder)) {
+        errno = EOVERFLOW;
+        return NULL;
+    }
     // sizeof(hdfsStreamBuilder->path) includes one byte for the string
     // terminator
     bld = malloc(sizeof(struct hdfsStreamBuilder) + path_len);