In C++ we have dedicated validation routines that can be used against untrusted input. (*) We also have fuzzing set up using OSS-Fuzz to validate that invalid input cannot crash the IPC reader.
(*) https://github.com/apache/arrow/blob/master/cpp/src/arrow/array/validate.h
Le 01/10/2021 à 00:13, Andrew Lamb a écrit :
I have created a WIP PR for initial feedback on the approach of validating ArrayData upon creation[1]. If there are no objections to the approach I will complete the implementation over the next few days The approach that Sergey describes of `get` and `unsafe get_unchecked` sounds like a good one to me if performance testing shows we need a bypass. Andrew [1] https://github.com/apache/arrow-rs/pull/810
