Mingyu Zhong created ARROW-9948:
-----------------------------------

             Summary: Decimal128 does not check scale range when rescaling; can cause buffer overflow
                 Key: ARROW-9948
                 URL: https://issues.apache.org/jira/browse/ARROW-9948
             Project: Apache Arrow
          Issue Type: Bug
          Components: C++
            Reporter: Mingyu Zhong


BasicDecimal128::GetScaleMultiplier has a DCHECK on the scale, but the scale 
can come from users. For example, Decimal128::FromString("1e100") will cause an 
out-of-bound read.

BasicDecimal128::Rescale and BasicDecimal128::GetWholeAndFraction have the same 
problem.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
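
The pattern reported above, as an added example that is not part of the original message and is not Apache Arrow's code: a debug-only assertion guarding a power-of-ten table lookup, beside a form whose range check survives release builds. All names, the 19-entry table and the treatment of the exponent as the table index are assumptions of this simplified model.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdlib>
#include <string>

// Simplified stand-in for a scale-multiplier table: 10^0 .. 10^18 fit in int64_t.
constexpr int32_t kMaxScale = 18;
static const int64_t kPowersOfTen[kMaxScale + 1] = {
    1LL, 10LL, 100LL, 1000LL, 10000LL, 100000LL, 1000000LL, 10000000LL,
    100000000LL, 1000000000LL, 10000000000LL, 100000000000LL,
    1000000000000LL, 10000000000000LL, 100000000000000LL,
    1000000000000000LL, 10000000000000000LL, 100000000000000000LL,
    1000000000000000000LL};

// Debug-only guard: assert() vanishes under NDEBUG, as a DCHECK does in
// release builds, so an out-of-range scale would index past the table.
int64_t ScaleMultiplierDebugOnly(int32_t scale) {
  assert(scale >= 0 && scale <= kMaxScale);
  return kPowersOfTen[scale];
}

// Hardened form: the range check is always compiled in and failure is reported.
bool ScaleMultiplierChecked(int32_t scale, int64_t* out) {
  if (scale < 0 || scale > kMaxScale) return false;
  *out = kPowersOfTen[scale];
  return true;
}

// Hypothetical helper: extract the exponent from input such as "1e100".
// The value comes from the caller's string, so it is untrusted.
bool ExponentFromString(const std::string& s, int32_t* exponent) {
  size_t pos = s.find_first_of("eE");
  if (pos == std::string::npos) { *exponent = 0; return true; }
  const char* begin = s.c_str() + pos + 1;
  char* end = nullptr;
  long v = std::strtol(begin, &end, 10);
  if (end == begin || *end != '\0') return false;   // empty or trailing junk
  if (v < INT32_MIN || v > INT32_MAX) return false; // does not fit in int32_t
  *exponent = static_cast<int32_t>(v);
  return true;
}

// Parse-time use: reject the input instead of reading out of bounds.
bool MultiplierForInput(const std::string& s, int64_t* out) {
  int32_t exponent = 0;
  return ExponentFromString(s, &exponent) && ScaleMultiplierChecked(exponent, out);
}
```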
