(original report by @tonghuaroot)
Checks for StreamReadConstraints.maxNumberLength are incomplete for Avro decoder wrt types BigDecimal and BigInteger.
All 2.x and 3.x versions appear affected: if so, should be fixed in 2.18 (oldest LTS), merged forward.
EDIT: actually no, only 2.19 and above have AvroParserImpl.decodeBytesDecimal() and related methods. So fix should go in 2.21.
(original report by @tonghuaroot)
Checks for
StreamReadConstraints.maxNumberLengthare incomplete for Avro decoder wrt typesBigDecimalandBigInteger.All 2.x and 3.x versions appear affected: if so, should be fixed in 2.18 (oldest LTS), merged forward.
EDIT: actually no, only 2.19 and above have
AvroParserImpl.decodeBytesDecimal()and related methods. So fix should go in2.21.