[C++][Gandiva] Functions substring_index and truncate crash with extreme integer values #49470

@dmitry-chirkov-dremio

Describe the bug, including details regarding any error messages, version, and platform.

Two Gandiva functions crash when called with extreme integer values:

  1. substring_index(VARCHAR, VARCHAR, INT) crashes with INT_MIN count parameter

    • Calling substring_index("a.b.c", ".", INT_MIN) causes SIGBUS crash
    • Root cause: Uses abs(cnt) which triggers undefined behavior when cnt == INT_MIN (abs(INT_MIN) overflows in 32-bit signed integers)

  2. truncate(BIGINT, INT) crashes with extreme scale values

    • Calling truncate(12345, INT_MAX) or truncate(12345, INT_MIN) causes SIGSEGV
    • Root cause: Passes extreme scale values directly to GetScaleMultiplier, which only has array entries for scales 0-38, causing out-of-bounds array access

Expected behavior

Both functions should handle extreme integer values gracefully without crashing:

  • substring_index should safely compute absolute value of count parameter
  • truncate should validate scale parameter before array access

Actual behavior

  • substring_index: SIGBUS crash due to integer overflow in abs(INT_MIN)
  • truncate: SIGSEGV crash due to out-of-bounds array access

How to reproduce

```cpp
// substring_index crash
gdv_fn_substring_index(ctx, "a.b.c", 5, ".", 1, INT_MIN, &out_len);

// truncate crash
truncate_int64_int32(12345, INT_MAX);
truncate_int64_int32(12345, INT_MIN);
```

Component(s)

C++, Gandiva
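The two hardening patterns the report asks for, as an added example that is not code from this issue or from Arrow/Gandiva: widen before taking an absolute value, and range-check a scale before it is used as a table index. `SafeAbsCount`, `TruncateChecked`, `Pow10Table` and the 10^0..10^18 table are hypothetical stand-ins, and the truncate semantics shown (a non-negative scale leaves the integer unchanged, a negative scale zeroes low-order digits) are an assumption.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>

// Widen to 64 bits before negating: -INT32_MIN does not fit in int32_t,
// but it fits in int64_t, so the negation cannot overflow.
inline int64_t SafeAbsCount(int32_t cnt) {
  const int64_t wide = cnt;
  return wide < 0 ? -wide : wide;
}

// Constructed stand-in for a scale-multiplier table: 10^0 .. 10^18,
// the powers of ten that fit in int64_t (the issue's table covers 0-38).
constexpr int kMaxDigits = 18;

inline const std::array<int64_t, kMaxDigits + 1>& Pow10Table() {
  static const std::array<int64_t, kMaxDigits + 1> table = [] {
    std::array<int64_t, kMaxDigits + 1> t{};
    int64_t p = 1;
    for (int i = 0; i <= kMaxDigits; ++i) {
      t[static_cast<std::size_t>(i)] = p;
      if (i < kMaxDigits) p *= 10;  // stop before 10^19, which would overflow
    }
    return t;
  }();
  return table;
}

// Assumed semantics (hypothetical, see lead-in). Every path that reaches the
// table has already proven 1 <= digits <= kMaxDigits.
inline int64_t TruncateChecked(int64_t value, int32_t scale) {
  if (scale >= 0) return value;  // covers INT_MAX with no lookup at all
  const int64_t digits = -static_cast<int64_t>(scale);  // safe for INT_MIN
  if (digits > kMaxDigits) return 0;  // every digit of an int64_t is dropped
  const int64_t m = Pow10Table()[static_cast<std::size_t>(digits)];
  return (value / m) * m;  // integer division truncates toward zero
}

int main() {
  const bool ok = SafeAbsCount(INT32_MIN) == 2147483648LL &&
                  TruncateChecked(12345, INT32_MAX) == 12345 &&
                  TruncateChecked(12345, INT32_MIN) == 0 &&
                  TruncateChecked(12345, -2) == 12300;
  return ok ? 0 : 1;
}
```

Building the regression tests with `-fsanitize=undefined,address` makes both defect classes fail loudly instead of depending on whether the platform happens to fault.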
