fix missing utf8 check for conversion from BinaryViewArray to StringViewArray #9158
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alamb
commented
Jan 13, 2026
|
|
||
| #[should_panic(expected = "invalid utf-8 sequence")] | ||
| #[test] | ||
| fn invalid_array_data() { |
Contributor
Author
There was a problem hiding this comment.
This test also fails on main but I wanted to make it super clear you can't build an invalid Utf8ViewArray with the ArrayDataBuilder (as expected)
Closed
1 task
alamb
commented
Jan 13, 2026
| let views = ScalarBuffer::new(views, offset, len); | ||
| Self { | ||
| data_type: T::DATA_TYPE, | ||
| data_type, |
Contributor
Author
There was a problem hiding this comment.
@jhorstmann noted that reusing data_type here might be faster as it avoids a call to DataType::drop 🤷
mhilton
approved these changes
Jan 13, 2026
alamb
commented
Jan 13, 2026
| fn from(data: ArrayData) -> Self { | ||
| let (_data_type, len, nulls, offset, mut buffers, _child_data) = data.into_parts(); | ||
| let (data_type, len, nulls, offset, mut buffers, _child_data) = data.into_parts(); | ||
| assert_eq!( |
Contributor
Author
There was a problem hiding this comment.
This is the equivalent check in GenericByteArray:
arrow-rs/arrow-array/src/array/byte_array.rs
Line 545 in 90839df
etseidl
approved these changes
Jan 13, 2026
Contributor
etseidl
left a comment
etseidl
left a comment
There was a problem hiding this comment.
LGTM. Verified test fails if the assert is removed.
Co-authored-by: Martin Hilton <mhilton@influxdata.com>
Jefffrey
approved these changes
Jan 14, 2026
Contributor
|
One conflict! |
Contributor
Author
|
Conflict resolved so merging! |
Dandandan
pushed a commit
to Dandandan/arrow-rs
that referenced
this pull request
Jan 15, 2026
…iewArray (apache#9158) # Which issue does this PR close? <!-- We generally require a GitHub issue to be filed for all bug fixes and enhancements and this helps us generate change logs for our releases. You can link an issue to this PR using the GitHub syntax. --> - closes apache#9157 # Rationale for this change @jhorstmann found it is possible to bypass utf8 validation by abusing the ArrayData APIs # What changes are included in this PR? 1. Add an assert to prevent the bypass 2. Add tests # Are these changes tested? Yes, new unit tests are added # Are there any user-facing changes? error if APIs are misused --------- Co-authored-by: Martin Hilton <mhilton@influxdata.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Which issue does this PR close?
BinaryViewArrayto StringViewArray #9157Rationale for this change
@jhorstmann found it is possible to bypass utf8 validation by abusing the ArrayData APIs
What changes are included in this PR?
Are these changes tested?
Yes, new unit tests are added
Are there any user-facing changes?
error if APIs are misused