Limited Deserialize isn't limiting anything (#10952)

* Add failing test

* Use deserialize_from to enable limit

core/src/rpc.rs

@@ -1690,7 +1690,7 @@ fn deserialize_bs58_transaction(bs58_transaction: String) -> Result<(Vec<u8>, Tr
     }
     bincode::config()
         .limit(PACKET_DATA_SIZE as u64)
-        .deserialize(&wire_transaction)
+        .deserialize_from(&wire_transaction[..])
         .map_err(|err| {
             info!("transaction deserialize error: {:?}", err);
             Error::invalid_params(&err.to_string())

perf/src/packet.rs

@@ -102,7 +102,7 @@ where
 {
     bincode::config()
         .limit(PACKET_DATA_SIZE as u64)
-        .deserialize(data)
+        .deserialize_from(data)
 }
 
 #[cfg(test)]

sdk/src/program_utils.rs

@@ -9,6 +9,27 @@ where
     let limit = crate::packet::PACKET_DATA_SIZE as u64;
     bincode::config()
         .limit(limit)
-        .deserialize(instruction_data)
+        .deserialize_from(instruction_data)
         .map_err(|_| InstructionError::InvalidInstructionData)
 }
+
+#[cfg(test)]
+pub mod tests {
+    use super::*;
+
+    #[test]
+    fn test_limited_deserialize() {
+        #[derive(Deserialize, Serialize)]
+        enum Foo {
+            Bar(Vec<u8>),
+        }
+
+        let item = Foo::Bar([1; crate::packet::PACKET_DATA_SIZE - 12].to_vec()); // crate::packet::PACKET_DATA_SIZE - 12: size limit, minus enum variant and vec len() serialized sizes
+        let serialized = bincode::serialize(&item).unwrap();
+        assert!(limited_deserialize::<Foo>(&serialized).is_ok());
+
+        let item = Foo::Bar([1; crate::packet::PACKET_DATA_SIZE - 11].to_vec()); // Extra byte should bump serialized size over the size limit
+        let serialized = bincode::serialize(&item).unwrap();
+        assert!(limited_deserialize::<Foo>(&serialized).is_err());
+    }
+}