Skip to content

Prevent BitChunks length overflow#9818

Merged
alamb merged 1 commit intoapache:mainfrom
alamb:codex/bitchunks-length-overflow
Apr 25, 2026
Merged

Prevent BitChunks length overflow#9818
alamb merged 1 commit intoapache:mainfrom
alamb:codex/bitchunks-length-overflow

Conversation

@alamb
Copy link
Copy Markdown
Contributor

@alamb alamb commented Apr 25, 2026
edited
Loading

Which issue does this PR close?

  • None.

Rationale for this change

BitChunks used unchecked usize arithmetic when validating bit offset plus length. In optimized builds, very large lengths could wrap this bounds check before constructing the iterator state.

What changes are included in this PR?

This adds checked arithmetic for BitChunks bounds validation

Are these changes tested?

Yes. This adds regression coverage for overflowing bit offset plus length validation.

Are there any user-facing changes?

Invalid BitChunks inputs whose offset and length cannot be represented without overflow now panic consistently. There are no API changes.

@github-actions github-actions Bot added the arrow Changes to the arrow crate label Apr 25, 2026
@alamb alamb marked this pull request as ready for review April 25, 2026 03:39
@alamb alamb mentioned this pull request Apr 25, 2026
Open
19 tasks
@alamb
Copy link
Copy Markdown
Contributor Author

alamb commented Apr 25, 2026

Thank you @Dandandan

@alamb alamb merged commit 5fae47e into apache:main Apr 25, 2026
27 checks passed
@alamb alamb deleted the codex/bitchunks-length-overflow branch April 25, 2026 15:19
This was referenced Apr 30, 2026
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Dandandan Dandandan Dandandan approved these changes

Assignees

No one assigned

Labels

arrow Changes to the arrow crate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alamb @Dandandan