Version v4.1.5

Author: Ezibenroc

pyroaring/croaring_version.pxi

@@ -1 +1 @@
-__croaring_version__ = "v4.1.4"
+__croaring_version__ = "v4.1.5"

pyroaring/roaring.c

@@ -1,5 +1,5 @@
 // !!! DO NOT EDIT - THIS IS AN AUTO-GENERATED FILE !!!
-// Created by amalgamation.sh on 2024-09-19T15:00:26Z
+// Created by amalgamation.sh on 2024-09-19T23:52:46Z
 
 /*
  * The CRoaring project is under a dual license (Apache/MIT).
@@ -24641,7 +24641,8 @@ roaring64_bitmap_t *roaring64_bitmap_portable_deserialize_safe(
         memcpy(&high32, buf, sizeof(high32));
         buf += sizeof(high32);
         read_bytes += sizeof(high32);
-        if (high32 < previous_high32) {
+        // High 32 bits must be strictly increasing.
+        if (high32 <= previous_high32) {
             roaring64_bitmap_free(r);
             return NULL;
         }
@@ -24663,6 +24664,24 @@ roaring64_bitmap_t *roaring64_bitmap_portable_deserialize_safe(
         buf += bitmap32_size;
         read_bytes += bitmap32_size;
 
+        // While we don't attempt to validate much, we must ensure that there
+        // is no duplication in the high 48 bits - inserting into the ART
+        // assumes (or UB) no duplicate keys. The top 32 bits must be unique
+        // because we check for strict increasing values of  high32, but we
+        // must also ensure the top 16 bits within each 32-bit bitmap are also
+        // at least unique (we ensure they're strictly increasing as well,
+        // which they must be for a _valid_ bitmap, since it's cheaper to check)
+        int32_t last_bitmap_key = -1;
+        for (int i = 0; i < bitmap32->high_low_container.size; i++) {
+            uint16_t key = bitmap32->high_low_container.keys[i];
+            if (key <= last_bitmap_key) {
+                roaring_bitmap_free(bitmap32);
+                roaring64_bitmap_free(r);
+                return NULL;
+            }
+            last_bitmap_key = key;
+        }
+
         // Insert all containers of the 32-bit bitmap into the 64-bit bitmap.
         move_from_roaring32_offset(r, bitmap32, high32);
         roaring_bitmap_free(bitmap32);

pyroaring/roaring.h

@@ -1,5 +1,5 @@
 // !!! DO NOT EDIT - THIS IS AN AUTO-GENERATED FILE !!!
-// Created by amalgamation.sh on 2024-09-19T15:00:26Z
+// Created by amalgamation.sh on 2024-09-19T23:52:46Z
 
 /*
  * The CRoaring project is under a dual license (Apache/MIT).
@@ -59,11 +59,11 @@
 // /include/roaring/roaring_version.h automatically generated by release.py, do not change by hand
 #ifndef ROARING_INCLUDE_ROARING_VERSION
 #define ROARING_INCLUDE_ROARING_VERSION
-#define ROARING_VERSION "4.1.4"
+#define ROARING_VERSION "4.1.5"
 enum {
     ROARING_VERSION_MAJOR = 4,
     ROARING_VERSION_MINOR = 1,
-    ROARING_VERSION_REVISION = 4
+    ROARING_VERSION_REVISION = 5
 };
 #endif // ROARING_INCLUDE_ROARING_VERSION
 // clang-format on/* end file include/roaring/roaring_version.h */