
Check valid parent selection hash string#12985

Merged
serrislew merged 3 commits into apache:master from serrislew:parent_hash
Mar 25, 2026


@serrislew

Resolves #12973 by checking parent hash string length


Copilot AI left a comment


Pull request overview

This PR addresses a reported memory-safety issue in ATS parent selection parsing by adding validation for the optional &hash portion of parent entries, preventing oversized hash strings from being copied into fixed-size buffers.

Changes:

  • Add a length check for the optional parent &hash string during ParentRecord::ProcessParents() parsing.
  • Fail parsing with a specific error when the hash string exceeds the allowed maximum.


@bryancall bryancall left a comment


Thanks for the fix, Serris. The overall approach is correct — validating the hash string length before the memcpy is the right thing to do, and the regression tests are a good addition.

There's an off-by-one in the length check that needs fixing, and the test boundaries need to shift to match. Details in the inline comment.

Also, please resolve the Copilot comments that you've already addressed (the error message underscore fix and the regression test addition) so the review trail is clean.

@serrislew serrislew merged commit 1252ea4 into apache:master Mar 25, 2026
15 checks passed
@github-project-automation github-project-automation bot moved this to For v10.2.0 in ATS v10.2.x Mar 25, 2026
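
The boundary that a length check in front of a fixed-size copy has to get right, shown as an added example that is not code from this PR or from ATS. `ParentEntry`, `MAX_HASH_LEN`, `copy_bounded`, `parse_parent` and the simplified `host[&hash]` token are assumptions, since the page shows neither the real buffer size nor the patched lines.

```cpp
#include <cstddef>
#include <cstring>
#include <string>
#include <string_view>

// Hypothetical capacity: the PR page does not state the real buffer size.
constexpr std::size_t MAX_HASH_LEN = 16;

struct ParentEntry { // hypothetical stand-in for the parsed parent record
  char host[64]                  = {};
  char hash_string[MAX_HASH_LEN] = {}; // fixed size, NUL-terminated
};

enum class ParseResult { Ok, BadHost, HashTooLong };

// Copy src into dst only if the bytes AND the terminating NUL fit.
template <std::size_t N>
bool copy_bounded(char (&dst)[N], std::string_view src)
{
  // Largest acceptable length is N - 1. Testing `src.size() > N` instead
  // would accept a string of exactly N bytes and put the NUL at dst[N].
  if (src.size() >= N) return false;
  if (!src.empty()) std::memcpy(dst, src.data(), src.size());
  dst[src.size()] = '\0';
  return true;
}

// Parse one "host[&hash]" token; `out` is written only on success.
ParseResult parse_parent(std::string_view token, ParentEntry &out)
{
  std::string_view host = token, hash;
  if (auto amp = token.find('&'); amp != std::string_view::npos) {
    host = token.substr(0, amp);
    hash = token.substr(amp + 1);
  }
  ParentEntry tmp;
  if (host.empty() || !copy_bounded(tmp.host, host)) return ParseResult::BadHost;
  if (!copy_bounded(tmp.hash_string, hash)) return ParseResult::HashTooLong;
  out = tmp;
  return ParseResult::Ok;
}

int main()
{
  ParentEntry e;
  // Constructed inputs: 15 bytes fit a 16-byte buffer, 16 do not.
  bool ok  = parse_parent("p1.example&" + std::string(15, 'h'), e) == ParseResult::Ok;
  bool bad = parse_parent("p1.example&" + std::string(16, 'h'), e) == ParseResult::HashTooLong;
  return (ok && bad) ? 0 : 1;
}
```

Regression tests for a check like this belong at `capacity - 1`, `capacity` and `capacity + 1`, which is where an off-by-one shows up.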
Development

Successfully merging this pull request may close these issues.

[BUG] Multiple Intra-Object Overflows in ParentSelection.cc (hash_string)