recmo/uint

`from_base_be` allows construction of overflowing Uints

Closed this issue · 0 comments

Version
1.8.0

Platform
Unix

Reproduction

Use `from_base_be` with an input that would fit in the `Uint::LIMBS` array, but is too large for its `BITS`.

```rust
// Imports needed when running these tests outside the crate.
use ruint::{BaseConvertError, ParseError, Uint};

// This produces `Ok(0x64_U1)`
#[test]
fn test_from_base_be_overflow() {
    assert_eq!(
        Uint::<1, 1>::from_base_be(10, [1, 0, 0u64].into_iter()),
        Err(BaseConvertError::Overflow)
    )
}

// This produces `Ok(0x10000_U1)`
#[test]
fn test_from_str_radix_overflow() {
    assert_eq!(
        Uint::<1, 1>::from_str_radix("10000", 16),
        Err(ParseError::BaseConvertError(BaseConvertError::Overflow))
    );
}
```

This seems to occur because of the unchecked assignment here. It allows high limbs to have dirty upper bytes.
https://github.com/recmo/uint/blob/main/src/base_convert.rs#LL105C25-L105C30

SemVer

This is a patch change
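The class of bug reported above, as an added stand-alone model that is not ruint's code: overflow detected only at the limb boundary next to a variant that also masks the top limb against `BITS`. The names `accumulate`, `from_base_be_unchecked`, `from_base_be_checked`, `top_mask` and `ConvertError` are hypothetical, and the model assumes `LIMBS` is the smallest limb count that holds `BITS` bits.

```rust
// Standalone model, not ruint's code: a BITS-wide value in LIMBS little-endian u64 limbs.
#[derive(Debug, PartialEq)]
pub enum ConvertError { Overflow, InvalidDigit(u64, u64) }

// Bits that are allowed to be set in the most significant limb.
pub const fn top_mask(bits: usize) -> u64 {
    if bits % 64 == 0 { u64::MAX } else { (1u64 << (bits % 64)) - 1 }
}

// Horner accumulation, most significant digit first. Overflow is only seen
// when a carry leaves the last limb, i.e. at 64 * LIMBS bits, not at BITS.
fn accumulate<const LIMBS: usize>(base: u64, digits: &[u64]) -> Result<[u64; LIMBS], ConvertError> {
    let mut limbs = [0u64; LIMBS];
    for &digit in digits {
        if digit >= base { return Err(ConvertError::InvalidDigit(digit, base)); }
        let mut carry = digit as u128;
        for limb in limbs.iter_mut() {
            carry += (*limb as u128) * (base as u128);
            *limb = carry as u64; // keep the low 64 bits
            carry >>= 64;
        }
        if carry != 0 { return Err(ConvertError::Overflow); }
    }
    Ok(limbs)
}

// Behaviour reported in the issue: limb-level check only.
pub fn from_base_be_unchecked<const BITS: usize, const LIMBS: usize>(
    base: u64, digits: &[u64],
) -> Result<[u64; LIMBS], ConvertError> {
    accumulate(base, digits)
}

// Hardened variant: also reject bits set above BITS in the top limb.
pub fn from_base_be_checked<const BITS: usize, const LIMBS: usize>(
    base: u64, digits: &[u64],
) -> Result<[u64; LIMBS], ConvertError> {
    let limbs: [u64; LIMBS] = accumulate(base, digits)?;
    match limbs.last() {
        Some(top) if (top & !top_mask(BITS)) != 0 => Err(ConvertError::Overflow),
        _ => Ok(limbs),
    }
}

fn main() {
    // Constructed inputs mirroring the issue: decimal digits 1,0,0 into a 1-bit value.
    println!("{:?}", from_base_be_unchecked::<1, 1>(10, &[1, 0, 0]));
    println!("{:?}", from_base_be_checked::<1, 1>(10, &[1, 0, 0]));
}
```

Any code that later relies on the invariant that bits above `BITS` are zero (comparisons, hashing, serialization) sees an out-of-range value when the unchecked path is used.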