[ https://issues.apache.org/jira/browse/ARROW-1589?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16178675#comment-16178675 ]

Marco Neumann commented on ARROW-1589:
--------------------------------------

Currently it is not clearly stated that the message stream is trusted, 
therefore the opposite will be assumed by developers. Also, the naming you are 
proposing will very likely mislead people, since the current naming within the 
library does not contain any information about trust ("trusted" or "untrusted") 
so users' minds will likely default to "trusted". So the current method 
should rather be prefixed w/ "trusted"/"unsafe"/"fast".

A tiny example that already segfaults is the creation and read-out of an empty 
stream, which IMHO should not happen. The reason why unit testing is not 
sufficient is that the same kind of devs who are writing the code are also 
writing the unit tests and therefore won't be able to think outside their box. 
(that's not an offense, it's just human behavior and applies to all 
developers). 

> [C++] Fuzzing for certain input formats
> ---------------------------------------
>
>                 Key: ARROW-1589
>                 URL: https://issues.apache.org/jira/browse/ARROW-1589
>             Project: Apache Arrow
>          Issue Type: Test
>            Reporter: Marco Neumann
>            Assignee: Marco Neumann
>
> The arrow lib should have fuzzing tests for certain input formats, e.g. for 
> reading record batches from streams. Ideally, malformed input must not crash 
> the system but must report a proper error. This could easily be implemented 
> e.g. w/ [libfuzzer|https://llvm.org/docs/LibFuzzer.html] in combination with 
> address sanitizer (that's already implemented by Arrow's build system).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
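
The kind of harness the issue proposes, as an added example that is not code from this thread or from Arrow: a libFuzzer entry point driving a stream reader that returns an error status for empty or truncated input instead of reading out of bounds. The length-prefixed framing, `ReadMessages` and `Status` are hypothetical stand-ins and do not represent Arrow's IPC format or API.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical framing (NOT Arrow's IPC format): each message is a 4-byte
// little-endian length followed by that many payload bytes.
enum class Status { OK, EmptyStream, TruncatedHeader, TruncatedBody };

// Reads all messages from an untrusted buffer. Every length is checked
// against the bytes remaining, so malformed input yields an error status
// rather than an out-of-bounds read.
Status ReadMessages(const uint8_t* data, size_t size,
                    std::vector<std::vector<uint8_t>>* out) {
  // The empty stream is an explicit error case, not a crash.
  if (data == nullptr || size == 0) return Status::EmptyStream;
  size_t pos = 0;
  while (pos < size) {
    if (size - pos < 4) return Status::TruncatedHeader;
    uint32_t len = static_cast<uint32_t>(data[pos]) |
                   static_cast<uint32_t>(data[pos + 1]) << 8 |
                   static_cast<uint32_t>(data[pos + 2]) << 16 |
                   static_cast<uint32_t>(data[pos + 3]) << 24;
    pos += 4;
    // Compare against the remaining bytes; never compute pos + len first,
    // which could wrap around on an attacker-chosen length.
    if (len > size - pos) return Status::TruncatedBody;
    out->emplace_back(data + pos, data + pos + len);
    pos += len;
  }
  return Status::OK;
}

// libFuzzer entry point: feed arbitrary bytes to the reader. A crash or an
// AddressSanitizer report is a finding; an error Status is the expected
// outcome for malformed input and is deliberately ignored here.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  std::vector<std::vector<uint8_t>> messages;
  (void)ReadMessages(data, size, &messages);
  return 0;
}
```

Built with `clang++ -g -fsanitize=fuzzer,address`, libFuzzer supplies `main` and calls the entry point with generated inputs, including the empty one.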
