
Mark certain operations as unsafe #176

Closed
alamb opened this issue Apr 26, 2021 · 1 comment
Labels
arrow Changes to the arrow crate bug security

Comments

@alamb
Contributor

alamb commented Apr 26, 2021

Note: migrated from original JIRA: https://issues.apache.org/jira/browse/ARROW-11492

When ArrayData::new is used, we make no attempt to verify that its contents lead to sound code. In particular, for primitive arrays, the following must hold:

/// * `values.len()` is a multiple of `size_of::<T::Native>`
/// * `values.as_ptr()` is aligned with `T::Native`
/// * when `nulls` is `Some`, `nulls.len` is equal to `(ArrayData::len + 7) / 8`.
/// * `offset <= ArrayData::len`
  • The first two conditions allow us to soundly transmute the u8 buffer into T::Native.
  • The third condition allows us to access bits on the null bitmap up to ArrayData::len.
  • The last condition avoids out-of-bounds accesses to the data when offsets are used.
@alamb alamb added the arrow Changes to the arrow crate label Apr 26, 2021
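The four invariants listed in the issue can be checked before any `unsafe` reinterpretation of the byte buffer. The following is an added example, not code from the arrow crate or from the issue author: it uses a stand-in `PrimitiveData` struct (a hypothetical simplification of the buffers `ArrayData::new` receives), a `Violation` enum and a `validate_primitive::<T>` function, all assumed names, and only produces a `&[T]` view once every condition holds. It assumes `T` is a plain integer or float type for which every bit pattern is valid.

```rust
use std::mem::{align_of, size_of};

/// Stand-in for the raw inputs to `ArrayData::new` (constructed for this
/// example; not the arrow crate's `ArrayData`).
pub struct PrimitiveData<'a> {
    pub values: &'a [u8],        // backing byte buffer
    pub nulls: Option<&'a [u8]>, // optional validity bitmap, 1 bit per slot
    pub len: usize,              // logical length (`ArrayData::len`)
    pub offset: usize,           // logical start offset into the data
}

/// Which of the four invariants from the issue was violated.
#[derive(Debug, PartialEq)]
pub enum Violation {
    LenNotMultipleOfNative { values_len: usize, native_size: usize },
    Misaligned { ptr: usize, required: usize },
    NullBitmapLenMismatch { actual: usize, expected: usize },
    OffsetPastLen { offset: usize, len: usize },
}

/// Check the four invariants for native type `T` without touching the data.
pub fn validate_primitive<T>(data: &PrimitiveData<'_>) -> Result<(), Violation> {
    let native_size = size_of::<T>();
    assert!(native_size > 0, "native types are never zero-sized");

    // 1. `values.len()` is a multiple of `size_of::<T>()`.
    if data.values.len() % native_size != 0 {
        return Err(Violation::LenNotMultipleOfNative {
            values_len: data.values.len(),
            native_size,
        });
    }
    // 2. `values.as_ptr()` is aligned for `T`.
    let ptr = data.values.as_ptr() as usize;
    if ptr % align_of::<T>() != 0 {
        return Err(Violation::Misaligned { ptr, required: align_of::<T>() });
    }
    // 3. When a null bitmap is present, its length is `(len + 7) / 8` bytes.
    if let Some(nulls) = data.nulls {
        let expected = (data.len + 7) / 8;
        if nulls.len() != expected {
            return Err(Violation::NullBitmapLenMismatch { actual: nulls.len(), expected });
        }
    }
    // 4. `offset <= len`.
    if data.offset > data.len {
        return Err(Violation::OffsetPastLen { offset: data.offset, len: data.len });
    }
    Ok(())
}

/// Reinterpret the byte buffer as `&[T]` only after the invariants hold.
pub fn as_native_slice<'a, T: Copy>(data: &PrimitiveData<'a>) -> Result<&'a [T], Violation> {
    validate_primitive::<T>(data)?;
    let n = data.values.len() / size_of::<T>();
    // SAFETY: length is a multiple of size_of::<T>() and the pointer is
    // aligned (both checked above); the caller picks a plain integer/float
    // `T` for which every bit pattern is a valid value.
    Ok(unsafe { std::slice::from_raw_parts(data.values.as_ptr() as *const T, n) })
}

/// View a slice of plain values as bytes (used to build aligned test input).
pub fn bytes_of<T: Copy>(vals: &[T]) -> &[u8] {
    // SAFETY: integer/float values have no padding, so their bytes are readable.
    unsafe { std::slice::from_raw_parts(vals.as_ptr() as *const u8, vals.len() * size_of::<T>()) }
}

fn main() {
    let backing: [u32; 4] = [10, 20, 30, 40]; // constructed sample data
    let bytes = bytes_of(&backing);

    let ok = PrimitiveData { values: bytes, nulls: Some(&[0b0000_1111]), len: 4, offset: 0 };
    println!("valid buffer -> {:?}", as_native_slice::<u32>(&ok));

    // Same bytes shifted by one: still a multiple of 4 in length, no longer aligned.
    let misaligned = PrimitiveData { values: &bytes[1..13], nulls: None, len: 3, offset: 0 };
    println!("misaligned buffer -> {:?}", validate_primitive::<u32>(&misaligned));

    let bad_offset = PrimitiveData { values: bytes, nulls: None, len: 4, offset: 5 };
    println!("offset past len -> {:?}", validate_primitive::<u32>(&bad_offset));
}
```

Each check is ordinary safe Rust; the single `unsafe` block is reached only after all of them pass, which is the structure the issue asks for when an operation cannot verify its own inputs.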
@alamb
Contributor Author

alamb commented Oct 29, 2021

Done in #822

@alamb alamb closed this as completed Oct 29, 2021