diff --git a/src/network/encodable.rs b/src/network/encodable.rs index fde86bb8..6b395c42 100644 --- a/src/network/encodable.rs +++ b/src/network/encodable.rs @@ -468,11 +468,11 @@ mod tests { #[test] fn deserialize_int_test() { // bool - assert_eq!(deserialize(&[58u8, 0]).ok(), Some(true)); + assert!((deserialize(&[58u8, 0]) as Result).is_err()); assert_eq!(deserialize(&[58u8]).ok(), Some(true)); assert_eq!(deserialize(&[1u8]).ok(), Some(true)); assert_eq!(deserialize(&[0u8]).ok(), Some(false)); - assert_eq!(deserialize(&[0u8, 1]).ok(), Some(false)); + assert!((deserialize(&[0u8, 1]) as Result).is_err()); // u8 assert_eq!(deserialize(&[58u8]).ok(), Some(58u8)); @@ -510,7 +510,7 @@ mod tests { #[test] fn deserialize_vec_test() { assert_eq!(deserialize(&[3u8, 2, 3, 4]).ok(), Some(vec![2u8, 3, 4])); - assert_eq!(deserialize(&[4u8, 2, 3, 4, 5, 6]).ok(), Some(vec![2u8, 3, 4, 5])); + assert!((deserialize(&[4u8, 2, 3, 4, 5, 6]) as Result, _>).is_err()); // found by cargo fuzz assert!(deserialize::>(&[0xff,0xff,0xff,0xff,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0x6b,0xa,0xa,0x3a]).is_err()); } diff --git a/src/network/serialize.rs b/src/network/serialize.rs index 9d8c66db..4fde9d9a 100644 --- a/src/network/serialize.rs +++ b/src/network/serialize.rs @@ -57,12 +57,20 @@ pub fn serialize_hex(data: &T) -> Result Ok(hex_encode(serial)) } -/// Deserialize an object from a vector +/// Deserialize an object from a vector, will error if said deserialization +/// doesn't consume the entire vector. pub fn deserialize<'a, T>(data: &'a [u8]) -> Result where T: ConsensusDecodable>> { let mut decoder = RawDecoder::new(Cursor::new(data)); - ConsensusDecodable::consensus_decode(&mut decoder) + let rv = ConsensusDecodable::consensus_decode(&mut decoder)?; + + // Fail if data is not consumed entirely. + if decoder.into_inner().position() == data.len() as u64 { + Ok(rv) + } else { + Err(util::Error::ParseFailed) + } } /// An encoder for raw binary data