[C++] Segfault in SparseCSFIndex::Equals with mismatched dimensions #49104

@AliRana30

Describe the Bug

SparseCSFIndex::Equals causes a segmentation fault when comparing two SparseCSFIndex objects that have a different number of dimensions. The method iterates through the indices() and indptr() vectors based on the size of the current object but does not verify that the other object has matching vector sizes, leading to out-of-bounds access and a crash.

File: cpp/src/arrow/sparse_tensor.cc

bool SparseCSFIndex::Equals(const SparseCSFIndex& other) const {
  for (int64_t i = 0; i < static_cast<int64_t>(indices().size()); ++i) {
    if (!indices()[i]->Equals(*other.indices()[i])) return false; // ❌ Segfault if other.indices() is smaller
  }
  for (int64_t i = 0; i < static_cast<int64_t>(indptr().size()); ++i) {
    if (!indptr()[i]->Equals(*other.indptr()[i])) return false; // ❌ Segfault if other.indptr() is smaller
  }
  return axis_order() == other.axis_order();
}

Component(s)

C++
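
The out-of-bounds read described in this issue, shown with a length guard in front of the element-wise loops. This is an added example, not Arrow's code or the project's fix: `CsfIndexModel`, `Level`, `LevelsEqual`, `GuardedEquals` and `MakeIndex` are hypothetical stand-ins that model `indices()`, `indptr()` and `axis_order()` as plain vectors.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <vector>

// Hypothetical stand-in for one index or indptr tensor held by pointer.
using Level = std::shared_ptr<std::vector<int64_t>>;

// Hypothetical model of a CSF index. Assumption of this model: one indices
// entry per dimension and one indptr entry per dimension minus one.
struct CsfIndexModel {
  std::vector<Level> indptr;
  std::vector<Level> indices;
  std::vector<int64_t> axis_order;
};

// Compare two per-dimension vectors. The size check runs before any b[i]
// access, so a shorter `b` returns false instead of being read past its end.
static bool LevelsEqual(const std::vector<Level>& a, const std::vector<Level>& b) {
  if (a.size() != b.size()) return false;
  for (std::size_t i = 0; i < a.size(); ++i) {
    // A null entry only equals another null entry; never dereference it.
    if (static_cast<bool>(a[i]) != static_cast<bool>(b[i])) return false;
    if (a[i] && *a[i] != *b[i]) return false;
  }
  return true;
}

// Guarded form of the comparison: same three checks as the snippet in the
// issue, with the length guard applied to both vectors.
bool GuardedEquals(const CsfIndexModel& self, const CsfIndexModel& other) {
  return LevelsEqual(self.indices, other.indices) &&
         LevelsEqual(self.indptr, other.indptr) &&
         self.axis_order == other.axis_order;
}

// Constructed sample input: an index with `ndim` dimensions.
CsfIndexModel MakeIndex(int ndim) {
  CsfIndexModel m;
  for (int d = 0; d < ndim; ++d) {
    m.indices.push_back(Level(new std::vector<int64_t>{0, 1}));
    if (d + 1 < ndim) m.indptr.push_back(Level(new std::vector<int64_t>{0, 2}));
    m.axis_order.push_back(d);
  }
  return m;
}
```

Comparing a 3-dimensional index against a 2-dimensional one, in either order, returns `false` here without indexing past the shorter vector.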
