This repository has been archived by the owner on Feb 18, 2024. It is now read-only.
Add miri checks against IO IPC to mitigate RUSTSEC-2020-0159
#592
Labels
no-changelog
Issues whose changes are covered by a PR and thus should not be shown in the changelog
testing
PRs that only increase coverage
Comments
jorgecarleitao
added
the
no-changelog
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I went through the code in
arrow-formatand this crate and could not find any incorrect usage. However, given the size of this exposure, I propose that we do not ignore this advisory until we have MIRI running against the IPC implementation.The goal of this issue is to make MIRI run against the IO IPC, to safeguard us against
RUSTSEC-2020-0159.The blocker/challenge is that MIRI in isolation does not allow opening a file, and we do need to open IPC files to roundtrip them. We should try to lift the isolation constraint on the CI for MIRI to have it run against IPC roundtrip tests (
tests::io::ipc::file::writeshould be sufficient).The text was updated successfully, but these errors were encountered: