storage: Check sign of decoded varints #1800

Closed
beorn7 opened this Issue Jul 8, 2016 · 1 comment

beorn7 commented Jul 8, 2016

When designing the checkpoint format, we used varints a lot, even for inherently unsigned ints (that should have used a uvarint). If the data is corrupted, negative values could be decoded, which will wreak havoc later (allocating buffers with negative size and such). To avoid panics, we should catch that case.

@beorn7 beorn7 self-assigned this Jul 8, 2016

beorn7 added a commit that referenced this issue Apr 4, 2017

storage: Check for negative values from varint decoding
Sadly, we have a number of places where we use varint encoding for
numbers that cannot be negative. We could have saved a bit by using
uvarint encoding. On the bright side, we now have a 50% chance to
detect data corruption. :-/

Fixes #1800 and #2492.

@beorn7 beorn7 closed this in #2576 Apr 4, 2017
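
The check this issue asks for, sketched as an added Go example; it is not part of the original thread and not the Prometheus code. The names `readLen`, `readRecord`, `errNegative` and `maxLen` are hypothetical, the byte strings are constructed, and the upper bound on the length goes one step beyond the sign check discussed above.

```go
package main

import (
	"bufio"
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// maxLen is an assumed sanity bound for this example, not a project constant.
const maxLen = 1 << 20
var errNegative = errors.New("negative value decoded from varint")

// readLen decodes a signed varint holding an inherently unsigned length and
// rejects negative or oversized results before they can reach make().
func readLen(r io.ByteReader) (int, error) {
	v, err := binary.ReadVarint(r)
	switch {
	case err != nil:
		return 0, err
	case v < 0:
		return 0, errNegative
	case v > maxLen:
		return 0, fmt.Errorf("length %d exceeds limit %d", v, maxLen)
	}
	return int(v), nil
}

// readRecord reads a varint length prefix followed by that many bytes.
func readRecord(r *bufio.Reader) ([]byte, error) {
	n, err := readLen(r)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, n) // n is known to be in [0, maxLen]
	if _, err := io.ReadFull(r, buf); err != nil {
		return nil, err
	}
	return buf, nil
}

func main() {
	// Constructed records: 0x06 is the zigzag varint for 3; one flipped bit (0x07) decodes to -4.
	for _, in := range [][]byte{{0x06, 'a', 'b', 'c'}, {0x07, 'a', 'b', 'c'}} {
		rec, err := readRecord(bufio.NewReader(bytes.NewReader(in)))
		fmt.Printf("%q %v\n", rec, err)
	}
}
```

Without the `v < 0` case, the second record would reach `make([]byte, -4)` and panic at run time.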


lock bot commented Mar 23, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked and limited conversation to collaborators Mar 23, 2019
