metsw24-max opened a new pull request, #49758: URL: https://github.com/apache/arrow/pull/49758
This change strengthens the JSON integration parser for BinaryView arrays by replacing debug-only assumptions with enforced runtime validation for untrusted input. This patch introduces strict validation to ensure all BinaryView inputs are well-formed before being used. Key improvements: - Validate SIZE as non-negative and within int32 bounds before use - Enforce exact length matching for INLINED payloads (both UTF-8 and hex-encoded) - Validate BUFFER_INDEX and OFFSET as non-negative and within valid bounds - Ensure referenced buffer slices (OFFSET, SIZE) stay within actual buffer limits - Validate PREFIX_HEX length before parsing - Replace DCHECK-based assumptions with Status::Invalid checks in all cases -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
