Array index out of bounds in https://github.com/IBM/differential-privacy-library/blob/main/diffprivlib/tools/quantiles.py#L134

#48
However, in that case, len(probabilties)=len(array)-1 .

That still means, if rand becomes greater than all self._probabilities in line 169 of

differential-privacy-library/diffprivlib/mechanisms/exponential.py

Line 169 in eeae0d7

rand = self._rng.random()

, i.e, when idx = len(self._probabilities) as of line 174 of the same as per given conditions, line 134 of https://github.com/IBM/differential-privacy-library/blob/main/diffprivlib/tools/quantiles.py#L134 should still give an "array index out of bounds error" due to array[idx+1] reference, right, since idx=len(probabilities) and len(probabilties)=len(array)-1, which means array[idx+1] = array[len(array)] ?

From the following, there are k+1 probabilities (indexed from 0 through k) in the mechanism:

differential-privacy-library/diffprivlib/tools/quantiles.py

Lines 131 to 132 in eeae0d7

    
           mech = Exponential(epsilon=epsilon, sensitivity=1, utility=list(-np.abs(np.arange(0, k + 1) - quant * k)), 
        
                              measure=list(interval_sizes))

So the outputs from this exponential mechanism will be in the range [0, k], inclusive. This is okay, since array now has k+2 entries, indexed from 0 through k+1, so array[idx+1] will always be valid:

differential-privacy-library/diffprivlib/tools/quantiles.py

Line 134 in eeae0d7

output = mech._rng.random() * (array[idx+1] - array[idx]) + array[idx]

But

differential-privacy-library/diffprivlib/mechanisms/exponential.py

Line 174 in eeae0d7

idx = len(self._probabilities)

states that idx is k+1 in the worst case, not k, if I'm not wrong?

Ah yes, good spot! We'll get that fixed. That should be idx = len(self._probabilities) - 1.

Thanks!

#50 Sent a PR for the same!

	mech = Exponential(epsilon=epsilon, sensitivity=1, utility=list(-np.abs(np.arange(0, k + 1) - quant * k)),
	measure=list(interval_sizes))