
@kwenzh kwenzh commented Jan 27, 2026

What is the purpose of the change

  • Does not properly validate that the string length does not exceed available buffer space, potentially leading to buffer overflow
  • Add a macro definition AVRO_SAFE_READ to release memory upon exception return.

Verifying this change

  • Construct a schema and data that do not match, and call the read_string function to read them.
  • Observe memory usage.
  • Stop reading, observe if memory usage decreases.

Alternatively, you can use valgrind to check for memory leaks.

Documentation

return mem_reader->len - mem_reader->read;
} else if (is_file_io(reader)) {
struct _avro_reader_file_t *file_reader = avro_reader_to_file(reader);
return bytes_available(file_reader);
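
Review bot: In the `is_file_io` branch, `bytes_available(file_reader)` is returned as though it were equivalent to `mem_reader->len - mem_reader->read` in the memory branch, but the two may not measure the same thing. If `bytes_available` counts only what is currently buffered, a caller that treats the result as the maximum readable length will reject valid strings that are longer than the buffer. Consider returning a negative value for file readers so a caller can tell "unknown" apart from a real limit, and state the return contract of this function in a comment above it.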
Member

This returns only the buffered bytes, not all remaining bytes as the memory io branch above

Author

@kwenzh kwenzh Jan 28, 2026

Sorry, I haven't found a way to get the remaining buffer length for file I/O. My goal is to check the maximum readable length before malloc to avoid memory leaks caused by the length exceeding the limit during avro_read_memory checks. Are there any other good solutions?

Author

> This returns only the buffered bytes, not all remaining bytes as the memory io branch above

Maybe use (int64_t) sizeof(reader->buffer). Am I understanding this correctly?

// max := r.tail - r.head + 1; if max >= 0 && size > max
max_available = avro_max_read(reader);
if (max_available >= 0 && str_len > max_available) {
avro_set_error("mem io: String length %" PRId64 " is greater than available buffer size %" PRId64,
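
Review bot: The condition `max_available >= 0 && str_len > max_available` has no lower bound on `str_len`, so a negative decoded length passes this check; unless it is rejected earlier in the function, add `str_len < 0` to the condition. The "mem io:" prefix in the error message is also misleading if `avro_max_read` can return a non-negative value for readers other than memory readers. The `// max := r.tail - r.head + 1 ...` comment is written in another language's syntax and names fields (`r.tail`, `r.head`) that do not appear in this code; replace it with a sentence describing the check.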
Member

Please make sure to use the same indentation as the rest of the file, i.e. tabs.

Author

see again?
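
The check discussed in this thread, validating a decoded string length against the bytes still available before allocating, is shown here for an in-memory reader only. This is an added example, not code from the pull request or from the Avro C library; `mem_reader`, `read_long`, this `read_string` and the sample byte arrays are hypothetical names constructed for the illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

struct mem_reader { const uint8_t *buf; int64_t len, read; }; /* hypothetical type */
static int64_t remaining(const struct mem_reader *r) { return r->len - r->read; }

/* Decode an Avro long (zigzag varint); 0 on success, -1 if truncated/overlong. */
static int read_long(struct mem_reader *r, int64_t *out)
{
	uint64_t v = 0;
	for (int shift = 0; shift < 64; shift += 7) {
		if (remaining(r) < 1) return -1;
		uint8_t b = r->buf[r->read++];
		v |= (uint64_t)(b & 0x7f) << shift;
		if (!(b & 0x80)) {
			*out = (int64_t)(v >> 1) ^ -(int64_t)(v & 1);
			return 0;
		}
	}
	return -1;
}

/* The declared length is checked against the bytes left BEFORE malloc. */
int read_string(struct mem_reader *r, char **s, int64_t *n)
{
	int64_t str_len;
	*s = NULL;
	if (read_long(r, &str_len) != 0) return -1;
	if (str_len < 0 || str_len > remaining(r)) return -2; /* nothing to free */
	char *p = malloc((size_t)str_len + 1);
	if (p == NULL) return -3;
	memcpy(p, r->buf + r->read, (size_t)str_len);
	p[str_len] = '\0';
	r->read += str_len;
	*s = p; *n = str_len;
	return 0;
}

/* Constructed inputs: "hi", and 2 bytes of payload declaring length 1000. */
const uint8_t GOOD[] = { 0x04, 'h', 'i' };
const uint8_t BAD[] = { 0xD0, 0x0F, 'h', 'i' };

int main(void)
{
	struct mem_reader g = { GOOD, sizeof GOOD, 0 }, b = { BAD, sizeof BAD, 0 };
	char *s; int64_t n;
	int ok = read_string(&g, &s, &n); free(s);
	return !(ok == 0 && read_string(&b, &s, &n) == -2);
}
```

Because the oversized and negative lengths are rejected before `malloc`, the error path has no allocation to release. A streaming file reader does not know its total remaining length, which is the limitation raised in the review comments above.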
