alamb opened a new issue, #9184: URL: https://github.com/apache/arrow-rs/issues/9184
**Is your feature request related to a problem or challenge? Please describe what you are trying to do.** We recently had a security report filed here - https://github.com/apache/arrow-rs/issues/9106 The core issue is that there are places in the arrow-rs codebase that rely on the results returned from the Array trait to be consistent, otherwise undefined behavior can result Our fix was to make the Array trait as sealed (which means it can not be implemented outside the arrow-rs crate). - https://github.com/apache/arrow-rs/pull/9092 While this certainly avoids the undefined behavior, it is a heavy hammer. Our initial assumption that implementing the `Array` trait was not common / good for other crates to extend the Array trait. However, we now have at least two reports that it was done: - @gabotechs in https://github.com/apache/arrow-rs/pull/9092#issuecomment-3710455402 - @waynexia in https://github.com/apache/arrow-rs/pull/9092#issuecomment-3754146322 **Describe the solution you'd like** Given that there are (seemingly) a non trivial number of uses of Array, I think it is worth reconsidering the change and finding some other way to resolve the soundness bug. For example, we could unseal `Array` **Describe alternatives you've considered** One thing we could potentially do is mark the `Array` trait as unsafe: https://doc.rust-lang.org/book/ch20-01-unsafe-rust.html#implementing-an-unsafe-trait That way people could still implement Array, but would have to explicitly acknowledge that there is danger in doing so **Additional context** <!-- Add any other context or screenshots about the feature request here. --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
