This is an automated email from the ASF dual-hosted git repository.
alamb pushed a commit to branch 56_maintenance
in repository https://gitbox.apache.org/repos/asf/arrow-rs.git
The following commit(s) were added to refs/heads/56_maintenance by this push:
new 17832a4bde [56_maintenance] Prevent BitChunks length overflow (#9818)
(#9896)
17832a4bde is described below
commit 17832a4bde2a12bab2c31816224eadcf681042c5
Author: Andrew Lamb <[email protected]>
AuthorDate: Wed May 6 09:02:18 2026 -0400
[56_maintenance] Prevent BitChunks length overflow (#9818) (#9896)
- Part of https://github.com/apache/arrow-rs/issues/9857
- Fixes https://github.com/apache/arrow-rs/issues/9903 in 56.x releases
This PR:
- Backports https://github.com/apache/arrow-rs/pull/9818 from @alamb to
the `56_maintenance` line
---
arrow-buffer/src/util/bit_chunk_iterator.rs | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arrow-buffer/src/util/bit_chunk_iterator.rs
b/arrow-buffer/src/util/bit_chunk_iterator.rs
index ea8e8f472a..4ac1421915 100644
--- a/arrow-buffer/src/util/bit_chunk_iterator.rs
+++ b/arrow-buffer/src/util/bit_chunk_iterator.rs
@@ -221,7 +221,8 @@ pub struct BitChunks<'a> {
impl<'a> BitChunks<'a> {
/// Create a new [`BitChunks`] from a byte array, and an offset and length
in bits
pub fn new(buffer: &'a [u8], offset: usize, len: usize) -> Self {
- assert!(ceil(offset + len, 8) <= buffer.len() * 8);
+ let end = offset.checked_add(len).expect("offset + len out of bounds");
+ assert!(ceil(end, 8) <= buffer.len() * 8);
let byte_offset = offset / 8;
let bit_offset = offset % 8;
@@ -476,6 +477,13 @@ mod tests {
assert_eq!(0x7F, bitchunks.remainder_bits());
}
+ #[test]
+ #[should_panic(expected = "offset + len out of bounds")]
+ fn test_out_of_bound_should_panic_when_offset_and_length_overflow() {
+ let buffer = Buffer::from(vec![0xFF_u8; 8]);
+ buffer.bit_chunks(1, usize::MAX);
+ }
+
#[test]
#[allow(clippy::assertions_on_constants)]
fn test_unaligned_bit_chunk_iterator() {
