`from_base_be` allows construction of overflowing Uints
Closed this issue · 0 comments
prestwich commented
Version
1.8.0
Platform
Unix
Reproduction
Use `from_base_be` with an input that would fit in the `Uint::LIMBS` array, but is too large for its `BITS`
```rust
// This produces `Ok(0x64_U1)`
#[test]
fn test_from_base_be_overflow() {
    assert_eq!(
        Uint::<1, 1>::from_base_be(10, [1, 0, 0u64].into_iter()),
        Err(BaseConvertError::Overflow)
    )
}

// This produces `Ok(0x10000_U1)`
#[test]
fn test_from_str_radix_overflow() {
    assert_eq!(
        Uint::<1, 1>::from_str_radix("10000", 16),
        Err(ParseError::BaseConvertError(BaseConvertError::Overflow))
    );
}
```
This seems to occur because of the unchecked assignment here. It allows high limbs to have dirty upper bytes.
https://github.com/recmo/uint/blob/main/src/base_convert.rs#LL105C25-L105C30
SemVer
This is a patch change
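The failure mode reported above, as an added example that is not part of the original issue and is not the library's code: a simplified model of a `bits`-wide integer stored in 64-bit limbs, where `from_base_be`, `ConvertError`, `top_mask` and the `check_top_limb` switch are hypothetical names. With the switch off, only a carry out of the limb array counts as overflow, which reproduces the two results in the report; with it on, the top limb is also compared against the mask for `bits`.

```rust
// Simplified model, not the library's implementation. All names are hypothetical.
#[derive(Debug, PartialEq)]
pub enum ConvertError {
    InvalidDigit,
    Overflow,
}

/// Mask of the bits that are valid in the most significant limb.
fn top_mask(bits: usize) -> u64 {
    match bits % 64 {
        0 => u64::MAX,
        r => (1u64 << r) - 1,
    }
}

/// Convert big-endian `digits` in `base` into `limbs` little-endian 64-bit limbs
/// that hold a `bits`-wide value. Assumes `limbs >= 1` and `bits <= 64 * limbs`.
pub fn from_base_be(
    bits: usize, limbs: usize, base: u64, digits: &[u64], check_top_limb: bool,
) -> Result<Vec<u64>, ConvertError> {
    let mut out = vec![0u64; limbs];
    for &digit in digits {
        if digit >= base {
            return Err(ConvertError::InvalidDigit);
        }
        // out = out * base + digit, carrying from limb to limb.
        let mut carry = digit as u128;
        for limb in out.iter_mut() {
            let t = (*limb as u128) * (base as u128) + carry;
            *limb = t as u64;
            carry = t >> 64;
        }
        // A carry out of the last limb is the only overflow the unchecked path sees.
        if carry != 0 {
            return Err(ConvertError::Overflow);
        }
        // The stricter check: the top limb may not use bits above `bits`.
        if check_top_limb && out[limbs - 1] > top_mask(bits) {
            return Err(ConvertError::Overflow);
        }
    }
    Ok(out)
}

fn main() {
    // Constructed inputs mirroring the report: a 1-bit value in one limb.
    println!("{:?}", from_base_be(1, 1, 10, &[1, 0, 0], false));
    println!("{:?}", from_base_be(1, 1, 10, &[1, 0, 0], true));
}
```

Any code that later relies on the invariant "value < 2^BITS" (comparisons, serialization length, modular arithmetic) sees a value outside its type's range when the top limb is left unmasked.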