Skip to content

[GLUTEN-8475][VL] Fix C-style casts to C++-style#8474

Merged
FelixYBW merged 1 commit intoapache:mainfrom
jkhaliqi:jk_cve_cast
Jan 17, 2025
Merged

[GLUTEN-8475][VL] Fix C-style casts to C++-style#8474
FelixYBW merged 1 commit intoapache:mainfrom
jkhaliqi:jk_cve_cast

Conversation

@jkhaliqi
Copy link
Copy Markdown
Contributor

@jkhaliqi jkhaliqi commented Jan 8, 2025
edited
Loading

What changes were proposed in this pull request?

False positives for Do not Cast
cpp/velox/compute/WholeStageResultIterator.cc:461
cpp/velox/compute/WholeStageResultIterator.cc:463](http://wholestageresultiterator.cc:463/)
cpp/velox/shuffle/VeloxSortShuffleWriter.cc:219
cpp/velox/tests/FunctionTest.cc:157
cpp/velox/shuffle/VeloxShuffleReader.cc:437
cpp/velox/shuffle/VeloxSortShuffleWriter.cc:347
cpp/velox/substrait/SubstraitToVeloxPlan.cc:1049
cpp/velox/substrait/SubstraitToVeloxPlan.cc:1040
cpp/velox/substrait/SubstraitToVeloxPlan.cc:1102
cpp/velox/substrait/SubstraitToVeloxPlan.cc:1095
cpp/velox/tests/VeloxSubstraitRoundTripTest.cc:370 -> and below test would fail at BaseVector.cpp comparing the VELOX_CHECK_EQ(type->kind(), value.kind()); if it is not casted correctly so leaving as is
cpp/velox/tests/VeloxSubstraitRoundTripTest.cc:371
cpp/velox/tests/VeloxSubstraitRoundTripTest.cc:372
cpp/velox/tests/VeloxSubstraitRoundTripTest.cc:374
cpp/velox/tests/VeloxSubstraitRoundTripTest.cc:375

(Please fill in changes proposed in this fix)

(Fixes: #8475)

@github-actions github-actions bot added the VELOX label Jan 8, 2025
@github-actions
Copy link
Copy Markdown

github-actions bot commented Jan 8, 2025

Thanks for opening a pull request!

Could you open an issue for this pull request on Github Issues?

https://github.com/apache/incubator-gluten/issues

Then could you also rename commit message and pull request title in the following format?

[GLUTEN-${ISSUES_ID}][COMPONENT]feat/fix: ${detailed message}

See also:

@jkhaliqi jkhaliqi changed the title [VL] Change C-style casts to C++-style [GLUTEN_8475][VL] Change C-style casts to C++-style Jan 8, 2025
@jkhaliqi jkhaliqi changed the title [GLUTEN_8475][VL] Change C-style casts to C++-style [GLUTEN_8475][VL] Fix C-style casts to C++-style Jan 8, 2025
zhztheplayer
zhztheplayer reviewed Jan 9, 2025
View reviewed changes
cpp/core/memory/MemoryAllocator.cc Outdated
}
if (newSize <= size) {
auto aligned = ROUND_TO_LINE(newSize, alignment);
auto aligned = ROUND_TO_LINE(static_cast<uint64_t> newSize, alignment);
Copy link
Copy Markdown
Member

@zhztheplayer zhztheplayer Jan 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this a typo?

Copy link
Copy Markdown
Contributor Author

@jkhaliqi jkhaliqi Jan 9, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dont Use Cast@cpp/core/memory/MemoryAllocator.cc:164
looks like newSize is int64_t and alignment is uint64_t so i'm assuming there is some sort of casting that goes on when calling this function. With that I figured they should both go in with the same type. With the above line showing if (newSize <= 0) {return false;} im assuming newSize will be positive if it gets to here so I just casted it to be uint64_t like the alignment variable

Copy link
Copy Markdown
Contributor Author

@jkhaliqi jkhaliqi Jan 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry I did forget the parenthesis around newSize, updating!

Copy link
Copy Markdown
Member

@zhztheplayer zhztheplayer Jan 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, thanks.

It seems GitHub CI service is encountering issues so the CI is not triggering BTW.

@zhztheplayer
Copy link
Copy Markdown
Member

zhztheplayer commented Jan 10, 2025

@jkhaliqi Would you fix the code style? Thanks!

https://github.com/apache/incubator-gluten/actions/runs/12682962050/job/35349998150?pr=8474

czentgr
czentgr reviewed Jan 10, 2025
View reviewed changes
cpp/velox/shuffle/VeloxShuffleReader.cc Outdated
const auto* rawBuffer = buffer->as<char>();
while (rowOffset_ < cur->first && readRows < batchSize_) {
auto rowSize = *(RowSizeType*)(rawBuffer + byteOffset_) - sizeof(RowSizeType);
auto rowSize = *(static_cast<RowSizeType*>(rawBuffer + byteOffset_)) - sizeof(RowSizeType);
Copy link
Copy Markdown

@czentgr czentgr Jan 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason that you don't use this one liner for other occurrences?
In other cases you are splitting it into two lines (first the ptr and then the dereference, for example, previous file line 186ff.

Copy link
Copy Markdown
Contributor Author

@jkhaliqi jkhaliqi Jan 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No reason updating all to be one liner, thank you!

cpp/velox/tests/VeloxSubstraitRoundTripTest.cc Outdated
makeConstantExpr(INTEGER(), static_cast<int32_t>(678)),
makeConstantExpr(BIGINT(), static_cast<int64_t>(910)),
makeConstantExpr(REAL(), static_cast<float>(1.23)),
makeConstantExpr(BOOLEAN(), 1),
Copy link
Copy Markdown

@czentgr czentgr Jan 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's wrong with these but not the last double cast?

Copy link
Copy Markdown
Contributor Author

@jkhaliqi jkhaliqi Jan 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missed the last one, updated, thank you!

@jkhaliqi jkhaliqi force-pushed the jk_cve_cast branch 11 times, most recently from 38bbc19 to 6b942fb Compare January 13, 2025 20:19
@jkhaliqi jkhaliqi changed the title [GLUTEN_8475][VL] Fix C-style casts to C++-style [GLUTEN-8475][VL] Fix C-style casts to C++-style Jan 13, 2025
@github-actions
Copy link
Copy Markdown

github-actions bot commented Jan 13, 2025

#8475

FelixYBW
FelixYBW reviewed Jan 16, 2025
View reviewed changes
cpp/core/utils/qpl/QplCodec.cc Outdated
ARROW_DCHECK_GE(input_len, 0);
/// Aligned with ZLIB
return ((input_len) + ((input_len) >> 12) + ((input_len) >> 14) + ((input_len) >> 25) + 13);
return ((input_len) + ((input_len) >> 12) + ((input_len) >> 14) + ((input_len) >> 25) + static_cast<int64_t>(13));
Copy link
Copy Markdown
Contributor

@FelixYBW FelixYBW Jan 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

13LL?

Copy link
Copy Markdown
Contributor Author

@jkhaliqi jkhaliqi Jan 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

13LL gets rid of the unnecessary casting so updating with this, thank you!

@FelixYBW FelixYBW merged commit abccde3 into apache:main Jan 17, 2025
baibaichen pushed a commit to baibaichen/gluten that referenced this pull request Feb 1, 2025
@jkhaliqi @baibaichen
[GLUTEN-8475][VL] Fix C-style casts to C++-style (apache#8474)
461c479 
Coupld of security volation fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zhztheplayer zhztheplayer zhztheplayer left review comments

@FelixYBW FelixYBW FelixYBW approved these changes

+1 more reviewer

@czentgr czentgr czentgr left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

VELOX

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[VL] Security Voliations Do Not Cast

4 participants

@jkhaliqi @zhztheplayer @FelixYBW @czentgr