pitrou commented on pull request #9471:
URL: https://github.com/apache/arrow/pull/9471#issuecomment-779951754


   Two things need to be distinguished here: 1) the format spec does not 
mandate any specific value for null-masked value slots 2) that should not allow 
an implementation to leak private data in null-masked value slots.
   
   > when casting to pre-allocatable types like uint8 from null, we don't 
initialize the values buffer
   
   By "don't initialize the values buffer", I take it that we're allocating an 
uninitialized values buffer. The problem is that the allocator may (and often 
will) recycle previously allocated memory. This previously allocated memory 
could contain anything - for example an authorization token, an S3 password or a 
private SSH key, if the application engages in such activities. Then the 
uninitialized buffer can be sent as-is via Arrow IPC, and the previously 
allocated data is leaked.
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
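
The leak described in the comment above, as an added example that is not part of the original comment and is not Arrow code: a toy recycling allocator (`RecyclingPool`, hypothetical, like every other name here) hands back a block that earlier held a secret, and the values buffer of an all-null uint8 array is copied out as-is, once uninitialized and once zero-filled.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Toy stand-in for a pooling allocator (assumption): a single block that is
// handed out again after Free(), with its previous contents left in place.
class RecyclingPool {
 public:
  static constexpr std::size_t kBlockSize = 64;
  uint8_t* Allocate() { return block_; }  // recycled memory, not cleared
  uint8_t* AllocateZeroed() {
    std::memset(block_, 0, kBlockSize);   // hardened path: clear before use
    return block_;
  }
  void Free(uint8_t*) {}                  // block is kept for reuse
 private:
  uint8_t block_[kBlockSize] = {};
};

// The application handles a secret in memory that is later released.
void HandleSecret(RecyclingPool& pool, const std::string& secret) {
  uint8_t* p = pool.Allocate();
  std::memcpy(p, secret.data(), secret.size());
  pool.Free(p);
}

// Builds the values buffer of an all-null uint8 array and returns the bytes
// that would be serialized as-is. Every slot is null-masked, so nothing ever
// writes to the value slots after allocation.
std::vector<uint8_t> NullArrayValues(RecyclingPool& pool, std::size_t length,
                                     bool zero_init) {
  uint8_t* values = zero_init ? pool.AllocateZeroed() : pool.Allocate();
  std::vector<uint8_t> wire(values, values + length);
  pool.Free(values);
  return wire;
}

// True if the serialized values buffer still contains the earlier secret.
bool LeaksSecret(bool zero_init) {
  RecyclingPool pool;
  const std::string secret = "CONSTRUCTED-TOKEN-1234";  // constructed sample
  HandleSecret(pool, secret);
  std::vector<uint8_t> wire = NullArrayValues(pool, 32, zero_init);
  return std::string(wire.begin(), wire.end()).find(secret) != std::string::npos;
}

int main() { return (LeaksSecret(false) && !LeaksSecret(true)) ? 0 : 1; }
```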

