diff --git a/perf/src/sigverify.rs b/perf/src/sigverify.rs index 9b797d3bd..44f0cf226 100644 --- a/perf/src/sigverify.rs +++ b/perf/src/sigverify.rs @@ -131,7 +131,8 @@ fn do_get_packet_offsets( } // read the length of Transaction.signatures (serialized with short_vec) - let (sig_len_untrusted, sig_size) = decode_len(&packet.data)?; + let (sig_len_untrusted, sig_size) = + decode_len(&packet.data).map_err(|_| PacketError::InvalidShortVec)?; // Using msg_start_offset which is based on sig_len_untrusted introduces uncertainty. // Ultimately, the actual sigverify will determine the uncertainty. @@ -156,8 +157,8 @@ fn do_get_packet_offsets( } // read the length of Message.account_keys (serialized with short_vec) - let (pubkey_len, pubkey_len_size) = - decode_len(&packet.data[message_account_keys_len_offset..])?; + let (pubkey_len, pubkey_len_size) = decode_len(&packet.data[message_account_keys_len_offset..]) + .map_err(|_| PacketError::InvalidShortVec)?; if (message_account_keys_len_offset + pubkey_len * size_of::() + pubkey_len_size) > packet.meta.size diff --git a/sdk/src/short_vec.rs b/sdk/src/short_vec.rs index f8368b9b1..4e0c59dee 100644 --- a/sdk/src/short_vec.rs +++ b/sdk/src/short_vec.rs @@ -199,10 +199,20 @@ impl<'de, T: Deserialize<'de>> Deserialize<'de> for ShortVec { } /// Return the decoded value and how many bytes it consumed. -pub fn decode_len(bytes: &[u8]) -> Result<(usize, usize), Box> { - let short_len: ShortU16 = bincode::deserialize(bytes)?; - let num_bytes = bincode::serialized_size(&short_len)?; - Ok((short_len.0 as usize, num_bytes as usize)) +pub fn decode_len(bytes: &[u8]) -> Result<(usize, usize), ()> { + let mut len = 0; + let mut size = 0; + for byte in bytes.iter() { + match visit_byte(*byte, len, size) { + VisitResult::More(l, s) => { + len = l; + size = s; + } + VisitResult::Done(len, size) => return Ok((len, size)), + VisitResult::Err => return Err(()), + } + } + Err(()) } #[cfg(test)]