Skip to content

GH-49104: [C++] Fix Segfault in SparseCSFIndex::Equals with mismatched dimensions #49105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
AliRana30 wants to merge 6 commits into
base: main
Choose a base branch
from
Open

GH-49104: [C++] Fix Segfault in SparseCSFIndex::Equals with mismatched dimensions #49105

AliRana30 wants to merge 6 commits into from
+38 −3

Conversation

@AliRana30
Copy link

@AliRana30 AliRana30 commented Jan 31, 2026
edited by kou
Loading

Rationale for This Change

The SparseCSFIndex::Equals method can crash when comparing two sparse indices that have a different number of dimensions. The method iterates over the indices() and indptr() vectors of the current object and accesses the corresponding elements in the other object without first verifying that both objects have matching vector sizes. This can lead to out-of-bounds access and a segmentation fault when the dimension counts differ.

What Changes Are Included in This PR?

This change adds explicit size equality checks for the indices() and indptr() vectors at the beginning of the SparseCSFIndex::Equals method. If the dimensions do not match, the method now safely returns false instead of attempting invalid memory access.

Are These Changes Tested?

Yes. The fix has been validated through targeted reproduction of the crash scenario using mismatched dimension counts, ensuring the method behaves safely and deterministically.

Are There Any User-Facing Changes?

No. This change improves internal safety and robustness without altering public APIs or observable user behavior.

@github-actions
Copy link

github-actions bot commented Jan 31, 2026

Thanks for opening a pull request!

If this is not a minor PR. Could you open an issue for this pull request on GitHub? https://github.com/apache/arrow/issues/new/choose

Opening GitHub issues ahead of time contributes to the Openness of the Apache Arrow project.

Then could you also rename the pull request title in the following format?

GH-${GITHUB_ISSUE_ID}: [${COMPONENT}] ${SUMMARY}

or

MINOR: [${COMPONENT}] ${SUMMARY}

See also:

@AliRana30 AliRana30 changed the title [C++] Fix Segfault in SparseCSFIndex::Equals with mismatched dimensions GH-49104: [C++] Fix Segfault in SparseCSFIndex::Equals with mismatched dimensions Jan 31, 2026
@github-actions
Copy link

github-actions bot commented Jan 31, 2026

⚠️ GitHub issue #49104 has been automatically assigned in GitHub to PR creator.

@kou
Copy link
Member

kou commented Feb 1, 2026

Could you add a test for this case?

@AliRana30 AliRana30 force-pushed the fix-sparsecsfindex-equals-segfault branch from d60ea08 to 3e1cbd6 Compare February 1, 2026 13:50
@AliRana30
Copy link
Author

AliRana30 commented Feb 1, 2026

@kou On your request, I have added a new test case, TestEqualityMismatchedDimensions, in
cpp/src/arrow/sparse_tensor_test.cc.

Test details:
This test compares SparseCSFIndex objects with mismatched dimensions (for example, 1D vs 2D) to verify that Equals now safely returns false instead of causing a segfault.

Fix summary:
The fix adds explicit checks for the sizes of indices, indptr, and axis_order before attempting to iterate over them, ensuring safe comparison when dimensions do not match.

@kou
Copy link
Member

kou commented Feb 2, 2026

Could you fix the lint failure?

@AliRana30
Copy link
Author

AliRana30 commented Feb 2, 2026

I have fixed the lint failures by reformatting SparseCSFIndex::Equals() to comply with the 90-character line limit and Arrow's style guide. All functionality remains unchanged.

You can have a check on it ):

@Alirana2829
Fix test: Use valid CSF index structures (2D vs 3D instead of invalid…
8dbc21b 
… 1D)
@Alirana2829
Remove invalid test causing segfaults with empty tensors
900b98d 
The TEST(TestSparseCSFIndex, EqualsMismatchedDimensions) test created
SparseCSFIndex objects with empty tensors (nullptr buffers, 0-length shape),
causing segfaults during validation on ASAN/UBSAN and 'front() called on
empty vector' errors on MSVC. The typed test TestEqualityMismatchedDimensions
already properly validates the fix with valid CSF index structures.
@AliRana30
Copy link
Author

AliRana30 commented Feb 2, 2026
edited
Loading

Note: Some packaging/JNI tests are failing due to Docker image naming with my fork. The core C++ tests should be passing.
Some builds are failing due to Google Benchmark deprecation warnings in benchmark_util.h (not modified by this PR). The core issue fix and tests are complete.
I think it's not an issue>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@assignUser assignUser Awaiting requested review from assignUser

@jonkeane jonkeane Awaiting requested review from jonkeane

@kou kou Awaiting requested review from kou

@raulcd raulcd Awaiting requested review from raulcd

Assignees

No one assigned

Labels

awaiting review Awaiting review Component: C++

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AliRana30 @kou @Alirana2829