Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle Out of Bounds Read In Input Message Data #6439

Merged
merged 10 commits into from
Aug 23, 2024

Conversation

bitzoic
Copy link
Member

@bitzoic bitzoic commented Aug 20, 2024

Description

Previously, when the offset in input_message_data() was not zero, an out of bound read would occur as the offset was not subtracted from the length to read. This has been added. A check to ensure that the offset does not exceed the length has also been added.

Checklist

  • I have linked to any relevant issues.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have updated the documentation where relevant (API docs, the reference, and the Sway book).
  • I have added tests that prove my fix is effective or that my feature works.
  • I have added (or requested a maintainer to add) the necessary Breaking* or New Feature labels where relevant.
  • I have done my best to ensure that my PR adheres to the Fuel Labs Code Review Standards.
  • I have requested a review from the relevant team or maintainers.

@bitzoic bitzoic added bug Something isn't working lib: std Standard library labels Aug 20, 2024
@bitzoic bitzoic self-assigned this Aug 20, 2024
@bitzoic bitzoic requested review from a team as code owners August 20, 2024 05:34
Copy link
Member

@K1-R1 K1-R1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, left a gas golf suggestion for your consideration. Then happy to approve

sway-lib-std/src/inputs.sw Outdated Show resolved Hide resolved
@K1-R1 K1-R1 requested a review from a team August 20, 2024 21:33
sway-lib-std/src/inputs.sw Outdated Show resolved Hide resolved
@K1-R1 K1-R1 requested a review from a team August 21, 2024 10:36
@bitzoic bitzoic requested a review from K1-R1 August 22, 2024 05:44
@IGI-111 IGI-111 enabled auto-merge (squash) August 23, 2024 11:07
@IGI-111 IGI-111 merged commit dbff13d into master Aug 23, 2024
36 checks passed
@IGI-111 IGI-111 deleted the bitzoic-input-message-data branch August 23, 2024 11:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working lib: std Standard library
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants