Fix VarInt decoding with extra bytes at the end#13
Merged
dermesser merged 1 commit intodermesser:masterfrom Oct 22, 2020
jamesbornholt:master
Merged
Fix VarInt decoding with extra bytes at the end#13dermesser merged 1 commit intodermesser:masterfrom jamesbornholt:master
dermesser merged 1 commit intodermesser:masterfrom
jamesbornholt:master
Conversation
dermesser
requested changes
Oct 21, 2020
It's not enough to check the last byte of the slice for the MSB being set -- we have to scan all the bytes, and only fail decoding if we never saw the MSB set in any byte.
Contributor
Author
|
I realized I forgot to make the same change for I also added another test for overflow (encodings that are too long to produce a valid |
dermesser
approved these changes
Oct 22, 2020
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
After #10, decoding a VarInt from a slice can fail if the final byte of the slice has its MSB set, even if the VarInt decoding will never make it that far. This is an issue if we're decoding from a larger slice that has other encoded data after the VarInt.
It's not enough to check the last byte of the slice for the MSB being set -- we have to scan all the bytes and try to decode them, and only fail decoding if we never saw the MSB set in any byte.