OSV-2020-86 Heap-buffer-overflow in bool arrow::util::RleDecoder::NextCounts<int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20735 Crash type: Heap-buffer-overflow WRITE Crash state: bool arrow::util::RleDecoder::NextCounts parquet::DictByteArrayDecoderImpl::DecodeArrowDense parquet::DictByteArrayDecoderImpl::DecodeArrow...

OSV-2020-52 Heap-buffer-overflow in int arrow::util::RleDecoder::GetBatchWithDictSpaced<double>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20665 Crash type: Heap-buffer-overflow READ 8 Crash state: int arrow::util::RleDecoder::GetBatchWithDictSpaced virtual thunk to parquet::DictDecoderImplparquet::PhysicalType...

OSV-2020-42 Heap-buffer-overflow in bool arrow::util::RleDecoder::NextCounts<int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20695 Crash type: Heap-buffer-overflow WRITE Crash state: bool arrow::util::RleDecoder::NextCounts int arrow::util::RleDecoder::GetBatchWithDictSpaced virtual thunk to parquet::DictDecoderImplparquet::PhysicalType...

arrow:parquet-arrow-fuzz: Heap-buffer-overflow in bool arrow::util::RleDecoder::NextCounts<int>

Project: https://github.com/apache/arrow.git Detailed Report: https://oss-fuzz.com/testcase?key=5157653963866112 Project: arrow Fuzzing Engine: libFuzzer Fuzz Target: parquet-arrow-fuzz Job Type: libfuzzerasanarrow Platform Id: linux Crash Type: Heap-buffer-overflow WRITE Crash Address:...