fix(storage): add bounds validation in Footer::Parse

[jfeng18]

Summary

Add bounds validation in Footer::Parse to prevent heap out-of-bounds read on corrupted/truncated serialized index files.

Fixes: #2170

Changes

• Validate length >= 20 before reading inner fields (minimum overhead: 8B magic + 8B metadata_length + 4B checksum)
• Validate metadata_string_length <= length - 20 before constructing the metadata string
• Remove unused string_buffer allocation (dead code)

Test plan

• Footer tests: 21 assertions passed
• Full unit tests: 441 cases / 85M assertions passed (release)
• make fmt clean

🤖 Generated with Claude Code

[jfeng18]

Hi maintainers, could you please add kind/bug and version/1.0 labels? I don't have label permissions as a fork contributor. Thanks!

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🔴 Require kind label

Waiting for

• label~=^kind/

This rule is failing.

• label~=^kind/

🔴 Require version label

Waiting for

• label~=^version/

This rule is failing.

• label~=^version/

[gemini-code-assist]

Code Review

This pull request introduces safety checks in Footer::Parse within src/storage/serialization.cpp to prevent potential out-of-bounds memory accesses. Specifically, it ensures that the length is at least 20 bytes and that the metadata_string_length does not exceed the available buffer size. It also removes an unused string_buffer variable. There are no review comments, and I have no feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.