Limited Deserialize isn't limiting anything (#10952)
* Add failing test * Use deserialize_from to enable limit
This commit is contained in:
parent
9b380f8b2c
commit
1a6bbd2867
|
@ -1690,7 +1690,7 @@ fn deserialize_bs58_transaction(bs58_transaction: String) -> Result<(Vec<u8>, Tr
|
||||||
}
|
}
|
||||||
bincode::config()
|
bincode::config()
|
||||||
.limit(PACKET_DATA_SIZE as u64)
|
.limit(PACKET_DATA_SIZE as u64)
|
||||||
.deserialize(&wire_transaction)
|
.deserialize_from(&wire_transaction[..])
|
||||||
.map_err(|err| {
|
.map_err(|err| {
|
||||||
info!("transaction deserialize error: {:?}", err);
|
info!("transaction deserialize error: {:?}", err);
|
||||||
Error::invalid_params(&err.to_string())
|
Error::invalid_params(&err.to_string())
|
||||||
|
|
|
@ -102,7 +102,7 @@ where
|
||||||
{
|
{
|
||||||
bincode::config()
|
bincode::config()
|
||||||
.limit(PACKET_DATA_SIZE as u64)
|
.limit(PACKET_DATA_SIZE as u64)
|
||||||
.deserialize(data)
|
.deserialize_from(data)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
|
|
|
@ -9,6 +9,27 @@ where
|
||||||
let limit = crate::packet::PACKET_DATA_SIZE as u64;
|
let limit = crate::packet::PACKET_DATA_SIZE as u64;
|
||||||
bincode::config()
|
bincode::config()
|
||||||
.limit(limit)
|
.limit(limit)
|
||||||
.deserialize(instruction_data)
|
.deserialize_from(instruction_data)
|
||||||
.map_err(|_| InstructionError::InvalidInstructionData)
|
.map_err(|_| InstructionError::InvalidInstructionData)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
pub mod tests {
|
||||||
|
use super::*;
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_limited_deserialize() {
|
||||||
|
#[derive(Deserialize, Serialize)]
|
||||||
|
enum Foo {
|
||||||
|
Bar(Vec<u8>),
|
||||||
|
}
|
||||||
|
|
||||||
|
let item = Foo::Bar([1; crate::packet::PACKET_DATA_SIZE - 12].to_vec()); // crate::packet::PACKET_DATA_SIZE - 12: size limit, minus enum variant and vec len() serialized sizes
|
||||||
|
let serialized = bincode::serialize(&item).unwrap();
|
||||||
|
assert!(limited_deserialize::<Foo>(&serialized).is_ok());
|
||||||
|
|
||||||
|
let item = Foo::Bar([1; crate::packet::PACKET_DATA_SIZE - 11].to_vec()); // Extra byte should bump serialized size over the size limit
|
||||||
|
let serialized = bincode::serialize(&item).unwrap();
|
||||||
|
assert!(limited_deserialize::<Foo>(&serialized).is_err());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue