alamb opened a new pull request, #9872: URL: https://github.com/apache/arrow-rs/pull/9872
# Which issue does this PR close?

- Closes https://github.com/apache/arrow-rs/pull/9850

# Rationale for this change

`FixedSizeBinaryArray::value_offset_at` cast the requested index to `i32` before multiplying by the element width. For indexes beyond `i32::MAX`, that truncation could produce a negative byte offset and cause `value()` to read before the start of the value buffer.

# What changes are included in this PR?

1. Prevent any `FixedSizeBinaryArray`s from being constructed where the offset calculation could overflow

As @adamreeve [pointed out](https://github.com/apache/arrow-rs/pull/9850#discussion_r3164949680) on https://github.com/apache/arrow-rs/pull/9850 there are several places where the `i32` arithmetic is problematic in `FixedSizeBinaryArray`. I will fix them for real in a different, follow-on PR.

However, since I hope to backport this PR to older releases, I would like something that is easy to review and has the least potential for error.

# Are these changes tested?

I added unit tests. However, I can't find any way to fully trigger the actual paths short of trying to allocate very large arrays, which I don't think is appropriate for unit tests.

# Are there any user-facing changes?

Better limit checking
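The truncation described in the rationale can be reproduced on plain integers, without allocating a large array. The following is an added example, not code from arrow-rs or from this PR; the function names (`offset_truncating`, `offset_checked`, `validate_len`) are hypothetical, and `validate_len` only models the idea of rejecting oversized arrays at construction time.

```rust
/// Models the pattern from the PR description: the index is cast to i32
/// before the multiply. wrapping_* keeps the demo panic-free in debug builds.
fn offset_truncating(base: i32, width: i32, i: usize) -> i32 {
    base.wrapping_add((i as i32).wrapping_mul(width))
}

/// Checked form: arithmetic stays in usize and overflow is reported.
fn offset_checked(base: usize, width: usize, i: usize) -> Option<usize> {
    i.checked_mul(width)?.checked_add(base)
}

/// Hypothetical construction-time guard: refuse any array whose largest
/// byte offset would not fit in i32, so the i32 math can never wrap.
fn validate_len(width: i32, len: usize, offset: usize) -> Result<(), String> {
    let width = usize::try_from(width).map_err(|_| format!("negative width {width}"))?;
    let end = offset
        .checked_add(len)
        .and_then(|n| n.checked_mul(width))
        .ok_or_else(|| "byte length overflows usize".to_string())?;
    if end > i32::MAX as usize {
        return Err(format!("byte length {end} exceeds i32::MAX"));
    }
    Ok(())
}

fn main() {
    // Constructed indexes just past i32::MAX.
    let i = i32::MAX as usize + 1;
    // Width 1: the offset goes negative, i.e. before the buffer start.
    println!("truncating, width 1: {}", offset_truncating(0, 1, i));
    // Width 4: the offset wraps to a small positive value, silently
    // pointing at the wrong element instead of failing.
    println!("truncating, width 4: {}", offset_truncating(0, 4, i + 1));
    println!("checked,    width 4: {:?}", offset_checked(0, 4, i + 1));
    // The guard accepts a small array and rejects one whose bytes exceed i32.
    println!("{:?}", validate_len(16, 10, 0));
    println!("{:?}", validate_len(16, 1 << 28, 0));
}
```

The width-4 case shows that the wrapped offset is not always negative, so a sign check at read time would not catch every bad index.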
