Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Caught a bug in roaring_bitmap_internal_validate #516

Merged
merged 3 commits into from
Sep 27, 2023

Conversation

lemire
Copy link
Member

@lemire lemire commented Sep 27, 2023

We can miss an issue whereas the run containers overflow the 16-bit boundary.

@lemire lemire requested a review from Dr-Emann September 27, 2023 15:38
Copy link
Member

@Dr-Emann Dr-Emann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Yay for fuzzing.


DEFINE_TEST(robust_deserialization) {
assert_true(deserialization_test(NULL, 0));
const char* test1 = "\x3b\x30\x00\x00\x01\x00\x00\xfa\x2e\x01\x00\x00\x02\xff\xff";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: This could be const char test1[] = "..."; assert_true(deserialization_test(test1, sizeof(test1)) to avoid the magic number "15"

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

DEFINE_TEST(robust_deserialization) {
assert_true(deserialization_test(NULL, 0));
const char* test1 = "\x3b\x30\x00\x00\x01\x00\x00\xfa\x2e\x01\x00\x00\x02\xff\xff";
assert_true(deserialization_test(test1, 15));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm presuming the data in test1 contains an overflowing run container, but this test will succeed if any of the following are true, but I think we expect it to specifically fail internal validation (the last option):

  • This inconsistent bitmap doesn't deserialize at all
  • This inconsistent bitmap deserializes, validates, and can be successfully added to
  • This inconsistent bitmap deserializes, but fails validation

It might be better to be more specific about what type of error we expect from this.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might also be good to include a comment about what the contents of test1 are.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have added comments. We can certainly add better tests.

@lemire
Copy link
Member Author

lemire commented Sep 27, 2023

I will merge and release.

@lemire lemire merged commit 0b40505 into master Sep 27, 2023
42 of 43 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants