chegoryu opened a new issue, #48311: URL: https://github.com/apache/arrow/issues/48311
### Describe the bug, including details regarding any error messages, version, and platform.

After this resize

https://github.com/apache/arrow/blob/57cb17259cdbebec0741dfc20aff210f32a80b1e/cpp/src/arrow/io/buffered.cc#L328-L332

it's not guaranteed that `buffer_->size() - buffer_pos_ >= nbytes`, because we have this special case:

https://github.com/apache/arrow/blob/57cb17259cdbebec0741dfc20aff210f32a80b1e/cpp/src/arrow/io/buffered.cc#L302-L306

This case assumes that `buffer_pos_` will be reset to zero after the resize, but it's not, so here:

https://github.com/apache/arrow/blob/57cb17259cdbebec0741dfc20aff210f32a80b1e/cpp/src/arrow/io/buffered.cc#L340-L343

we write at `buffer_->mutable_data() + buffer_pos_ + bytes_buffered_` and access memory beyond the buffer size in some cases.

I have a repro, but it requires a really big file and a lot of code from our internal repository, so I can't post it.

Such a diff fixed the issue for me: https://github.com/apache/arrow/compare/main...chegoryu:arrow:fix-buffered-io

### Component(s)

C++
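The invariant from the report, `buffer_->size() - buffer_pos_ >= nbytes`, worked through as an added example that is not part of the original issue and is not Arrow's code. The struct, the function names, the condition that triggers the special case, and the sample sizes are assumptions made for illustration; only offsets are computed.

```cpp
#include <cstdint>
#include <cstdio>

// Simplified bookkeeping model (hypothetical names, not Arrow's code).
// Only offsets are computed; no memory is read or written.
struct PeekModel {
  int64_t buffer_size;     // size of the current allocation
  int64_t buffer_pos;      // offset of the first unread byte
  int64_t bytes_buffered;  // unread bytes starting at buffer_pos
};

// Assumed special case: with nothing buffered, the new size is chosen as if
// buffer_pos were about to be reset to zero.
static int64_t SizeForPeek(const PeekModel& m, int64_t nbytes) {
  return m.bytes_buffered == 0 ? nbytes : m.buffer_pos + nbytes;
}

// Behaviour described in the report: resize, but keep buffer_pos unchanged.
static void ResizeKeepPos(PeekModel& m, int64_t nbytes) {
  m.buffer_size = SizeForPeek(m, nbytes);
}

// One way to restore the invariant (an assumption, not the linked diff):
// reset the position on resize; real code would first move unread bytes to the front.
static void ResizeResetPos(PeekModel& m, int64_t nbytes) {
  m.buffer_size = SizeForPeek(m, nbytes);
  m.buffer_pos = 0;
}

// Bytes by which the refill would run past the allocation (0 if it fits).
// The refill starts at buffer_pos + bytes_buffered and ends at buffer_pos + nbytes.
static int64_t RefillOverrun(const PeekModel& m, int64_t nbytes) {
  int64_t write_end = m.buffer_pos + nbytes;
  return write_end > m.buffer_size ? write_end - m.buffer_size : 0;
}

// Run the resize step of a peek, then report the overrun of the refill.
static int64_t OverrunAfter(void (*resize)(PeekModel&, int64_t), PeekModel m,
                            int64_t nbytes) {
  if (nbytes > m.buffer_size - m.buffer_pos) resize(m, nbytes);
  return RefillOverrun(m, nbytes);
}

int main() {
  PeekModel drained{16, 12, 0};  // constructed state: 16-byte buffer, consumed up to offset 12
  std::printf("keep pos:  overrun %lld bytes\n", (long long)OverrunAfter(ResizeKeepPos, drained, 32));
  std::printf("reset pos: overrun %lld bytes\n", (long long)OverrunAfter(ResizeResetPos, drained, 32));
  return 0;
}
```

A debug assertion on `RefillOverrun(...) == 0` immediately before the refill turns this class of bookkeeping error into a deterministic failure in tests instead of a silent out-of-bounds write.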
