[C++][Gandiva] gdv_hash_using_openssl() has some problems #49752

@kou

Describe the bug, including details regarding any error messages, version, and platform.

See also: https://huntr.com/bounties/7a205f3c-20b3-485d-9d0a-bbcfe0d5d331

1: gdv_hash_using_openssl() is an internal function but it's exported:

GANDIVA_EXPORT
const char* gdv_hash_using_openssl(int64_t context, const void* message,
                                   size_t message_length, const EVP_MD* hash_type,
                                   uint32_t result_buf_size, int32_t* out_length) {

2: If either the invalid digest size check or the result buffer size check returns false, gdv_hash_using_openssl() should report an error. But gdv_hash_using_openssl() reports an error only when both of them return false:

if (result_length != hash_digest_size && result_buf_size != (2 * hash_digest_size)) {
  gdv_fn_context_set_error_msg(context,
                               "Could not obtain the hash for the defined value");
  EVP_MD_CTX_free(md_ctx);
  OPENSSL_free(result);
  *out_length = 0;
  return "";
}

3: The buffer size specified to snprintf() is wrong. result_buf_size should be result_buf_size - result_buff_index.

unsigned int result_buff_index = 0;
for (unsigned int j = 0; j < result_length; j++) {
  DCHECK(result_buff_index >= 0 && result_buff_index < result_buf_size);
  unsigned char hex_number = result[j];
  result_buff_index +=
      snprintf(result_buffer + result_buff_index, result_buf_size, "%02x", hex_number);
}

Component(s)

C++, Gandiva
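
An added example, not code from the issue or from Gandiva, contrasting the `&&` check quoted in point 2 with an either-fails check and applying the remaining-space bound from point 3. All function names are hypothetical, and requiring one extra byte for the NUL that snprintf() writes is an assumption of this example rather than something the issue states.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Predicate as quoted in point 2: errors only when BOTH checks fail. */
static int rejects_as_reported(unsigned len, unsigned digest, uint32_t buf) {
  return len != digest && buf != 2 * digest;
}

/* Predicate point 2 asks for: errors when EITHER check fails. */
static int rejects_either(unsigned len, unsigned digest, uint32_t buf) {
  return len != digest || buf != 2 * digest;
}

/* Hypothetical helper: hex-encode digest[0..digest_len) into out.
 * Returns the number of hex characters written, or -1 on any error. */
static int hex_encode_digest(const unsigned char* digest, unsigned digest_len,
                             unsigned expected_size, char* out,
                             uint32_t out_size) {
  /* Assumption of this example: out needs 2 chars per byte plus 1 for NUL. */
  if (digest_len != expected_size || out_size < 2u * expected_size + 1u) {
    return -1;
  }
  uint32_t idx = 0;
  for (unsigned j = 0; j < digest_len; j++) {
    /* Point 3: the bound is the space remaining, not the whole buffer. */
    uint32_t remaining = out_size - idx;
    int n = snprintf(out + idx, remaining, "%02x", (unsigned)digest[j]);
    if (n < 0 || (uint32_t)n >= remaining) return -1; /* error or truncated */
    idx += (uint32_t)n;
  }
  return (int)idx;
}

int main(void) {
  /* Constructed sample input: a 4-byte stand-in for a digest. */
  const unsigned char sample[4] = {0xde, 0xad, 0xbe, 0xef};
  char ok[9], too_small[8];
  /* Correct digest length, undersized buffer: only the || form rejects. */
  printf("&& rejects: %d, || rejects: %d\n",
         rejects_as_reported(32, 32, 16), rejects_either(32, 32, 16));
  int n = hex_encode_digest(sample, 4, 4, ok, sizeof ok);
  printf("%d %s\n", n, strcmp(ok, "deadbeef") == 0 ? ok : "mismatch");
  printf("%d\n", hex_encode_digest(sample, 4, 4, too_small, sizeof too_small));
  return 0;
}
```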
