alamb commented on issue #9899: URL: https://github.com/apache/arrow-rs/issues/9899#issuecomment-4380093359
Thank you @ksj1230 -- this was fixed in - https://github.com/apache/arrow-rs/pull/9813 To cause an issue, an adversary would need control over the arguments passed to ArrayData::slice(offset, length). Since the ArrayData[2] API is low level and not widely used outside the Arrow crate, and I would not expect it to receive direct unvalidated user inputs. I expect the fix for this issue in 58.3.0 (later this week) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
