From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <korablev@tarantool.org>
Received: from smtp15.mail.ru (smtp15.mail.ru [94.100.176.133])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by dev.tarantool.org (Postfix) with ESMTPS id 23B30445320
 for <tarantool-patches@dev.tarantool.org>;
 Thu, 16 Jul 2020 17:27:16 +0300 (MSK)
Date: Thu, 16 Jul 2020 14:27:15 +0000
From: Nikita Pettik <korablev@tarantool.org>
Message-ID: <20200716142715.GA32056@tarantool.org>
References: <1594821336-14468-1-git-send-email-alyapunov@tarantool.org>
 <1594821336-14468-3-git-send-email-alyapunov@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1594821336-14468-3-git-send-email-alyapunov@tarantool.org>
Subject: Re: [Tarantool-patches] [PATCH v3 02/13] Check data_offset overflow
 in struct tuple
List-Id: Tarantool development patches <tarantool-patches.dev.tarantool.org>
List-Unsubscribe: <https://lists.tarantool.org/mailman/options/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=unsubscribe>
List-Archive: <https://lists.tarantool.org/pipermail/tarantool-patches/>
List-Post: <mailto:tarantool-patches@dev.tarantool.org>
List-Help: <mailto:tarantool-patches-request@dev.tarantool.org?subject=help>
List-Subscribe: <https://lists.tarantool.org/mailman/listinfo/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=subscribe>
To: Aleksandr Lyapunov <alyapunov@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org

On 15 Jul 16:55, Aleksandr Lyapunov wrote:
> data_offset member of tuple is uint16_t now. At the same time
> this field is calculated from field_map_size which is uint32_t.
> That could lead to overflows and crashes.
> 
> Fixes #5084
> ---

Pushed to master, 2.4, 2.3 and backported to 1.10 (without multikey
test). Changelogs are updated correspondingly.