Skip to content

Fixes a memory leak issue in the Avro C library under abnormal data scenarios. #3635

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kwenzh wants to merge 3 commits into
base: main
Choose a base branch
from
+49 −2
Open

Fixes a memory leak issue in the Avro C library under abnormal data scenarios. #3635

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8f4444d
fix: avro c mem leak
kwenzh Jan 27, 2026
034ce7a
fix code review
kwenzh Jan 28, 2026
bc097af
fix auto cirunner unittest
kwenzh Jan 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions lang/c/src/avro/io.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ avro_reader_memory_set_source(avro_reader_t reader, const char *buf, int64_t len
void
avro_writer_memory_set_dest(avro_writer_t writer, const char *buf, int64_t len);

int64_t avro_max_read(avro_reader_t reader);
Comment thread
kwenzh marked this conversation as resolved.
int avro_read(avro_reader_t reader, void *buf, int64_t len);
int avro_skip(avro_reader_t reader, int64_t len);
int avro_write(avro_writer_t writer, void *buf, int64_t len);
Expand Down
3 changes: 3 additions & 0 deletions lang/c/src/encoding.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,9 @@ typedef struct avro_encoding_t avro_encoding_t;
#define AVRO_SKIP(reader, len) \
{ int rval = avro_skip( reader, len); if (rval) return rval; }

#define AVRO_SAFE_READ(reader, buf, len, mem_size) \
Comment thread
kwenzh marked this conversation as resolved.
Outdated
{ int rval = avro_read( reader, buf, len ); if(rval) { if(buf) avro_free(buf, mem_size); buf = NULL; return rval; } }
Comment thread
kwenzh marked this conversation as resolved.

extern const avro_encoding_t avro_binary_encoding; /* in
* encoding_binary
*/
Expand Down
15 changes: 13 additions & 2 deletions lang/c/src/encoding_binary.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,8 +136,10 @@ static int read_bytes(avro_reader_t reader, char **bytes, int64_t * len)
avro_set_error("Cannot allocate buffer for bytes value");
return ENOMEM;
}
AVRO_READ(reader, *bytes, *len);

Comment thread
kwenzh marked this conversation as resolved.
(*bytes)[*len] = '\0';
AVRO_SAFE_READ(reader, *bytes, *len, *len+1);
Comment thread
kwenzh marked this conversation as resolved.
Outdated

return 0;
}

Expand Down Expand Up @@ -180,21 +182,30 @@ size_bytes(avro_writer_t writer, const char *bytes, const int64_t len)
static int read_string(avro_reader_t reader, char **s, int64_t *len)
{
int64_t str_len = 0;
int64_t max_available = -1;
int rval;
check_prefix(rval, read_long(reader, &str_len),
"Cannot read string length: ");
if (str_len < 0) {
avro_set_error("Invalid string length: %" PRId64, str_len);
return EINVAL;
}
// max := r.tail - r.head + 1; if max >= 0 && size > max
Comment thread
kwenzh marked this conversation as resolved.
Outdated
max_available = avro_max_read(reader);
if (max_available >= 0 && str_len > max_available) {
avro_set_error("mem io: String length %" PRId64 " is greater than available buffer size %" PRId64,
Comment thread
kwenzh marked this conversation as resolved.
Outdated
Copy link
Copy Markdown
Member

@martin-g martin-g Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make sure to use the same indentation as the rest of the file, i.e. tabs.

Copy link
Copy Markdown
Author

@kwenzh kwenzh Jan 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image

see again?

str_len, max_available);
return ERANGE;
}

*len = str_len + 1;
*s = (char *) avro_malloc(*len);
if (!*s) {
avro_set_error("Cannot allocate buffer for string value");
return ENOMEM;
}
(*s)[str_len] = '\0';
AVRO_READ(reader, *s, str_len);
AVRO_SAFE_READ(reader, *s, str_len, *len);
return 0;
}

Expand Down
14 changes: 14 additions & 0 deletions lang/c/src/io.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -274,6 +274,20 @@ int avro_read(avro_reader_t reader, void *buf, int64_t len)
return EINVAL;
}


int64_t avro_max_read(avro_reader_t reader)
{
if (is_memory_io(reader)) {
struct _avro_reader_memory_t *mem_reader = avro_reader_to_memory(reader);
return mem_reader->len - mem_reader->read;
} else if (is_file_io(reader)) {
struct _avro_reader_file_t *file_reader = avro_reader_to_file(reader);
return bytes_available(file_reader);
Copy link
Copy Markdown
Member

@martin-g martin-g Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This returns only the buffered bytes, not all remaining bytes as the memory io branch above

Copy link
Copy Markdown
Author

@kwenzh kwenzh Jan 28, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry, I haven't found a way to get the remaining buffer length for file I/O. My goal is to check the maximum readable length before malloc to avoid memory leaks caused by the length exceeding the limit during avro_read_memory checks. Are there any other good solutions?

Copy link
Copy Markdown
Author

@kwenzh kwenzh Jan 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This returns only the buffered bytes, not all remaining bytes as the memory io branch above

maybe use (int64_t) sizeof(reader->buffer) , Am I understanding this correctly?

}
return -1;
}


static int avro_skip_memory(struct _avro_reader_memory_t *reader, int64_t len)
{
if (len > 0) {
Expand Down