Safe deserialization for roaring64

Ezibenroc · Ezibenroc · commit 633af84fdf64 · 2025-04-10T16:10:04.000+02:00
diff --git a/pyroaring/abstract_bitmap.pxi b/pyroaring/abstract_bitmap.pxi
@@ -28,11 +28,16 @@ cdef croaring.roaring_bitmap_t *deserialize_ptr(bytes buff):
 
 cdef croaring.roaring64_bitmap_t *deserialize64_ptr(bytes buff):
     cdef croaring.roaring64_bitmap_t *ptr
+    cdef const char *reason_failure = NULL
     buff_size = len(buff)
-    bm_size = croaring.roaring64_bitmap_portable_deserialize_size(buff, buff_size)
-    if bm_size == 0:
-        raise ValueError("Invalid bitmap serialization")
-    ptr = croaring.roaring64_bitmap_portable_deserialize_safe(buff, bm_size)
+    ptr = croaring.roaring64_bitmap_portable_deserialize_safe(buff, buff_size)
+    if ptr == NULL:
+      raise ValueError("Could not deserialize bitmap")
+    # Validate the bitmap
+    if not croaring.roaring64_bitmap_internal_validate(ptr, &reason_failure):
+        # If validation fails, free the bitmap and raise an exception
+        croaring.roaring64_bitmap_free(ptr)
+        raise ValueError(f"Invalid bitmap after deserialization: {reason_failure.decode('utf-8')}")
     return ptr
 
 def _string_rep(bm):
diff --git a/pyroaring/croaring.pxd b/pyroaring/croaring.pxd
@@ -165,6 +165,7 @@ cdef extern from "roaring.h":
     size_t roaring64_bitmap_portable_serialize(const roaring64_bitmap_t *r, char *buf)
     size_t roaring64_bitmap_portable_deserialize_size(const char *buf, size_t maxbytes)
     roaring64_bitmap_t *roaring64_bitmap_portable_deserialize_safe(const char *buf, size_t maxbytes)
+    bool roaring64_bitmap_internal_validate(const roaring64_bitmap_t *r, const char **reason)
     roaring64_iterator_t *roaring64_iterator_create(const roaring64_bitmap_t *r)
     void roaring64_iterator_free(roaring64_iterator_t *it)
     bool roaring64_iterator_has_value(const roaring64_iterator_t *it)
diff --git a/test.py b/test.py
@@ -906,7 +906,7 @@ def test_invalid_deserialization(
         bitmap_bytes = bm.serialize()
         bitmap_bytes = bitmap_bytes[:42] + wrong_input + bitmap_bytes[42:]
         with pytest.raises(ValueError, match='Invalid bitmap after deserialization'):
-            bitmap = pyroaring.FrozenBitMap.deserialize(bitmap_bytes)
+            bitmap = cls.deserialize(bitmap_bytes)
 
 
 class TestStatistics(Util):
