fix(log): Prevent potential offset overflow in ElasticLogSegment (#2720) #2726
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* fix(log): Prevent potential offset overflow in ElasticLogSegment This commit addresses an issue where a log segment could accommodate more than Integer.MAX_VALUE records, leading to a potential integer overflow when calculating relative offsets. The root cause was that the check `offset - baseOffset <= Integer.MAX_VALUE` allowed a relative offset to be exactly `Integer.MAX_VALUE`. Since offsets are 0-based, this allows for `Integer.MAX_VALUE + 1` records, which cannot be represented by a standard Integer. This fix implements the following changes: 1. In `ElasticLogSegment`, the offset validation is changed from `<=` to `< Integer.MAX_VALUE` to ensure the relative offset strictly fits within an Integer's bounds. 2. In `LogCleaner`, a new segment grouping method `groupSegmentsBySizeV2` is introduced for `ElasticUnifiedLog`. This method uses the same stricter offset check to prevent incorrectly grouping segments that would exceed the offset limit. 3. The corresponding unit tests in `LogCleanerTest` have been updated to reflect these new boundaries and validate the fix. Fixes: #2718 * fix(logCleaner): unify segment grouping logic * fix(logCleaner): extract offset range check for segment grouping to prevent overflow in ElasticLogSegment * style(logCleaner): fix indentation in segment grouping condition for readability * style(logCleaner): fix line break in offset range check for readability * chore: add AutoMQ inject * style(logCleaner): remove unnecessary blank line after segment grouping * fix(stream): validate record batch count to prevent negative values in append
superhx
approved these changes
Jul 30, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
cherry-pick 201c6eb
This commit addresses an issue where a log segment could accommodate more than Integer.MAX_VALUE records, leading to a potential integer overflow when calculating relative offsets.
The root cause was that the check
offset - baseOffset <= Integer.MAX_VALUEallowed a relative offset to be exactlyInteger.MAX_VALUE. Since offsets are 0-based, this allows forInteger.MAX_VALUE + 1records, which cannot be represented by a standard Integer.This fix implements the following changes:
ElasticLogSegment, the offset validation is changed from<=to< Integer.MAX_VALUEto ensure the relative offset strictly fits within an Integer's bounds.LogCleaner, a new segment grouping methodgroupSegmentsBySizeV2is introduced forElasticUnifiedLog. This method uses the same stricter offset check to prevent incorrectly grouping segments that would exceed the offset limit.LogCleanerTesthave been updated to reflect these new boundaries and validate the fix.Fixes: #2718