HaoYang670 commented on code in PR #2477:
URL: https://github.com/apache/arrow-rs/pull/2477#discussion_r947865222
##########
arrow/src/util/decimal.rs:
##########
@@ -18,50 +18,26 @@
//! Decimal related utils
use crate::datatypes::{
- DataType, DECIMAL128_MAX_PRECISION, DECIMAL128_MAX_SCALE,
DECIMAL256_MAX_PRECISION,
- DECIMAL256_MAX_SCALE, DECIMAL_DEFAULT_SCALE,
+ DataType, Decimal128Type, Decimal256Type, DecimalType,
DECIMAL256_MAX_PRECISION,
+ DECIMAL_DEFAULT_SCALE,
};
use crate::error::{ArrowError, Result};
use num::bigint::BigInt;
use num::Signed;
use std::cmp::{min, Ordering};
#[derive(Debug)]
-pub struct BasicDecimal<const BYTE_WIDTH: usize> {
+pub struct Decimal<T: DecimalType> {
precision: usize,
scale: usize,
- value: [u8; BYTE_WIDTH],
+ value: T::Native,
}
-impl<const BYTE_WIDTH: usize> BasicDecimal<BYTE_WIDTH> {
- #[allow(clippy::type_complexity)]
- const MAX_PRECISION_SCALE_CONSTRUCTOR_DEFAULT_TYPE: (
Review Comment:
The weird thing I find is that, the rust compiler does the constant
evaluation lazily. For example,
```rust
BasicDecimal<1>::try_new(...);
```
will cause a compiler error: "invalid byte length" because the constants we
defined in the `impl BasicDecimal` are used in the `try_new` function. However,
hackers can run
```rust
BasicDecimal<1>::new(...);
```
without neither compiler error nor runtime error, because no constant is
used in this method, so the compiler will not evaluate these constant.
In a word, a hacker can successfully use an invalid decimal type as long as
they never touch the constants defined in the `impl BasicDecimal`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
