wiedld opened a new pull request, #13802: URL: https://github.com/apache/datafusion/pull/13802
## Which issue does this PR close? Closes #13759 ## Rationale for this change We identified a potential code vulnerability during a security audit at InfluxData. This fixes that vulnerability, by provide instead the maximum valid capacity number accepted by MutableBuffer. ## What changes are included in this PR? Handle: * usize overflow * up to max accepted [bit_util::round_upto_multiple_of_64](https://docs.rs/arrow-buffer/53.3.0/src/arrow_buffer/buffer/mutable.rs.html#79) (or it just panics there) * up to max accepted by [std::alloc::Layout](https://docs.rs/arrow-buffer/53.3.0/src/arrow_buffer/buffer/mutable.rs.html#80) (or it just panics there) ## Are these changes tested? yes ## Are there any user-facing changes? no -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
