jhorstmann opened a new pull request #813:
URL: https://github.com/apache/arrow-rs/pull/813
# Which issue does this PR close?
Related/complementary to the validation in #810, this PR investigates our
usages of `ArrayData::new` and whether they are actually safe. Creating
primitive or boolean arrays can be done safely with minimal validation. For
other data types this introduces an unsafe `new_unchecked` method for usages in
performance critical kernels.
Todo:
- [ ] Add `Safety` annotations to all usages of `new_unchecked` or decide
whether to use a safe and validating alternative
- [ ] In debug mode we should validate the buffers even in `new_unchecked`
- [ ] `ArrayDataBuilder::build` needs to be either unsafe or do validation
- [ ] Investigate whether setting a `null_count` that differs from the
actual `null_bitmap` violates any invariants
"Closes" #806, #704, #705, #706 and possibly #777 since it would be no
longer possible to create invalid ArrayData without unsafe code. We shouldn't
close those issues without having a safe alternative.
# Rationale for this change
The above mentioned security issues all start by creating `ArrayData`
objects that violate the invariants of those arrays. Marking this creation
unsafe thus satisfies the rust guidelines.
# What changes are included in this PR?
# Are there any user-facing changes?
The `ArrayData::new` method is removed in this PR but should be reintroduced
with full validation of all parameters.
--
This is an automated message from the Apache Git Service.
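As an added illustration (not code from arrow-rs or this PR), the following sketch uses a hypothetical `PrimitiveData` type to show the invariants the description talks about: a values buffer at least `len * width` bytes long, a null bitmap covering `len` bits, and a `null_count` consistent with that bitmap. The safe `try_new` verifies all three, the `unsafe` `new_unchecked` documents them under `# Safety` and still checks in debug builds, and `get` shows why a violated invariant would read out of bounds.

```rust
/// Hypothetical stand-in for primitive array data (not arrow's `ArrayData`):
/// `len` values of `width` bytes in `values`, an optional validity bitmap
/// (one bit per slot, LSB first, 0 = null) and the declared null count.
pub struct PrimitiveData {
    pub len: usize,
    pub width: usize,
    pub values: Vec<u8>,
    pub null_bitmap: Option<Vec<u8>>,
    pub null_count: usize,
}
/// Zero bits among the first `len` bits of `bitmap`.
pub fn count_nulls(bitmap: &[u8], len: usize) -> usize {
    (0..len).filter(|&i| bitmap[i / 8] & (1 << (i % 8)) == 0).count()
}
impl PrimitiveData {
    /// Safe constructor: rejects buffers that would break the invariants `get` relies on.
    pub fn try_new(len: usize, width: usize, values: Vec<u8>,
                   null_bitmap: Option<Vec<u8>>, null_count: usize) -> Result<Self, &'static str> {
        if values.len() < len.saturating_mul(width) {
            return Err("values buffer shorter than len * width");
        }
        let actual = match &null_bitmap {
            Some(bm) if bm.len() < (len + 7) / 8 => return Err("null bitmap shorter than len bits"),
            Some(bm) => count_nulls(bm, len),
            None => 0,
        };
        if actual != null_count {
            return Err("declared null_count does not match the null bitmap");
        }
        // SAFETY: every invariant was checked above.
        Ok(unsafe { Self::new_unchecked(len, width, values, null_bitmap, null_count) })
    }

    /// # Safety
    /// The caller guarantees what `try_new` checks: at least `len * width` value
    /// bytes, a bitmap covering `len` bits, and a `null_count` equal to its zero bits.
    pub unsafe fn new_unchecked(len: usize, width: usize, values: Vec<u8>,
                                null_bitmap: Option<Vec<u8>>, null_count: usize) -> Self {
        // Per the PR's todo list: keep validating in debug builds.
        debug_assert!(values.len() >= len * width, "values buffer too short");
        Self { len, width, values, null_bitmap, null_count }
    }

    /// Bytes of slot `i`, or None when null; in-bounds only because of the invariants.
    pub fn get(&self, i: usize) -> Option<&[u8]> {
        let null = self.null_bitmap.as_ref().map_or(false, |bm| bm[i / 8] & (1 << (i % 8)) == 0);
        if null { None } else { Some(&self.values[i * self.width..(i + 1) * self.width]) }
    }
}
```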