Use decode_all for decoding cross contract call result

[ascjones]

Related to GHSA-853p-5678-hv8f.

decode can still succeed if there are bytes remaining. In the above security advisory the issue was that the bytes for Result<T> were successfully decoded into a T but with the incorrect value, because Result encoding has an extra byte prefix.

If we had been using decode_all instead, which fails if there are any bytes remaining in the input, this would have been discovered earlier.

This provides an extra level of safety since it avoids e.g. truncation of values: preventing e.g. an i32 returned by the callee being decoded into an i8 (see integration-test as part of this PR).

Note there are other uses of decode which could be replaced by decode_all (see #1804), but we can tackle those separately.

[SkymanOne]

Looks good, but why can't we have the same generic integration test for the delegate call?

[codecov-commenter]

Codecov Report

Merging #1810 (248d1a9) into master (14c850c) will increase coverage by 0.04%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #1810      +/-   ##
==========================================
+ Coverage   52.11%   52.16%   +0.04%     
==========================================
  Files         206      206              
  Lines        6656     6656              
==========================================
+ Hits         3469     3472       +3     
+ Misses       3187     3184       -3     

see 3 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[SkymanOne]

LGTM!