Mailing List Archive

[jira] [Updated] (LUCENE-4074) FST Sorter BufferSize causes int overflow if BufferSize > 2048MB
[ https://issues.apache.org/jira/browse/LUCENE-4074?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Simon Willnauer updated LUCENE-4074:
------------------------------------

Attachment: LUCENE-4074.patch

here is a patch that adds a testcase, changes all arguments and constants to 64bit signed ints and checks for negative values in the BufferSize ctor for immediate feedback.

> FST Sorter BufferSize causes int overflow if BufferSize > 2048MB
> ----------------------------------------------------------------
>
> Key: LUCENE-4074
> URL: https://issues.apache.org/jira/browse/LUCENE-4074
> Project: Lucene - Java
> Issue Type: Bug
> Components: modules/spellchecker
> Affects Versions: 3.6, 4.0
> Reporter: Simon Willnauer
> Fix For: 3.6.1, 4.1
>
> Attachments: LUCENE-4074.patch
>
>
> the BufferSize constructor accepts size in MB as an integer and uses multiplication to convert to bytes. While its checking the size in bytes to be less than 2048 MB it does that after byte conversion. If you pass a value > 2047 to the ctor the value overflows since all constants and methods based on MB expect 32 bit signed ints. This does not even result in an exception until the BufferSize is actually passed to the sorter.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org
[jira] [Updated] (LUCENE-4074) FST Sorter BufferSize causes int overflow if BufferSize > 2048MB [ In reply to ]
[ https://issues.apache.org/jira/browse/LUCENE-4074?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Simon Willnauer updated LUCENE-4074:
------------------------------------

Fix Version/s: (was: 4.1)
4.0

> FST Sorter BufferSize causes int overflow if BufferSize > 2048MB
> ----------------------------------------------------------------
>
> Key: LUCENE-4074
> URL: https://issues.apache.org/jira/browse/LUCENE-4074
> Project: Lucene - Java
> Issue Type: Bug
> Components: modules/spellchecker
> Affects Versions: 3.6, 4.0
> Reporter: Simon Willnauer
> Assignee: Simon Willnauer
> Fix For: 4.0, 3.6.1
>
> Attachments: LUCENE-4074.patch
>
>
> the BufferSize constructor accepts size in MB as an integer and uses multiplication to convert to bytes. While its checking the size in bytes to be less than 2048 MB it does that after byte conversion. If you pass a value > 2047 to the ctor the value overflows since all constants and methods based on MB expect 32 bit signed ints. This does not even result in an exception until the BufferSize is actually passed to the sorter.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org