Skip to content
This repository has been archived by the owner on Feb 18, 2024. It is now read-only.

OffsetBuffer Slice is Unsound #1447

Closed
tustvold opened this issue Mar 29, 2023 · 2 comments · Fixed by #1448
Closed

OffsetBuffer Slice is Unsound #1447

tustvold opened this issue Mar 29, 2023 · 2 comments · Fixed by #1448
Labels
bug Something isn't working

Comments

@tustvold
Copy link
Contributor

Noticed whilst working on #1446

OffsetBuffer::slice does not verify that the length is non-zero, which results in UB from methods such as OffsetBuffer::first

#[test]
fn test_offsets_slice() {
    let mut buffer = OffsetsBuffer::<i32>::new();
    buffer.slice(0, 0);
    buffer.first();
}

Fails in debug with

  process didn't exit successfully: `/home/raphael/repos/external/arrow2/target/debug/deps/it-04058e53dc1ec684 'array::utf8::test_offsets_slice' --format=json --exact -Z unstable-options --show-output` (signal: 4, SIGILL: illegal instruction)
@ritchie46 ritchie46 mentioned this issue Mar 29, 2023
Merged
@ritchie46
Copy link
Collaborator

Good catch! Fixed in #1448

@jorgecarleitao jorgecarleitao added the bug Something isn't working label Apr 12, 2023
@jorgecarleitao
Copy link
Owner

Thank you for reporting it. Well spotted - I plan to cut a release with a fix for this as well as adding an entry to the rust advisory.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixed missing assert len in OffsetBuffer::slice ritchie46/arrow2
3 participants
@tustvold @jorgecarleitao @ritchie46