fix[codegen]: overflow check in slice() #3818

Merged
merged 12 commits into from
Mar 21, 2024

charles-cooper
Member

@charles-cooper charles-cooper commented Feb 26, 2024

What I did

fix #3756

How I did it

How to verify it

Commit message

the buffer out-of-bounds check in slice() does not take into account the
possibility for arithmetic overflow. this commit fixes the oob check by
adding an overflow check. it also refactors the slice check into a
helper function, and adds relevant tests.

patches GHSA-9x7f-gwxq-6f2c.


@charles-cooper charles-cooper changed the title fix: overflow check in slice() fix[codegen]: overflow check in slice() Feb 26, 2024
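
The failure mode the commit message describes, as an added Python model that is not Vyper's code and not part of this pull request: a bounds check of the form `start + length <= src_len` accepts out-of-range arguments when the addition wraps, and an explicit overflow check closes that gap. The model assumes 256-bit wrapping addition as on the EVM; all function names and sample values are constructed for illustration.

```python
# Added illustration: models 256-bit wrapping arithmetic (assumed, as on the EVM).
# Function names and sample values are constructed, not taken from Vyper.

WORD = 2**256  # unsigned words wrap modulo 2**256


def add_wrapping(a: int, b: int) -> int:
    """Unsigned addition that silently wraps at 2**256."""
    return (a + b) % WORD


def oob_check_naive(start: int, length: int, src_len: int) -> bool:
    """Bounds check with no overflow check: True means the slice is accepted."""
    return add_wrapping(start, length) <= src_len


def oob_check_hardened(start: int, length: int, src_len: int) -> bool:
    """Same bounds check, plus rejection when start + length wrapped."""
    end = add_wrapping(start, length)
    overflowed = end < start  # a wrapped unsigned sum is smaller than its operands
    out_of_bounds = end > src_len
    return not (overflowed or out_of_bounds)


def checked_slice(src: bytes, start: int, length: int) -> bytes:
    """Slice guarded by the hardened check; raises instead of reading out of bounds."""
    if not oob_check_hardened(start, length, len(src)):
        raise ValueError("slice out of bounds")
    return src[start:start + length]


def compare(cases, src_len):
    """Return (start, length, naive_ok, hardened_ok) for each (start, length) pair."""
    return [(s, n, oob_check_naive(s, n, src_len), oob_check_hardened(s, n, src_len))
            for s, n in cases]


if __name__ == "__main__":
    SRC_LEN = 32  # constructed buffer length
    # Constructed cases: two valid slices, one plain OOB, two that wrap.
    cases = [(0, 32), (16, 16), (16, 17), (WORD - 1, 2), (4, WORD - 4)]
    for s, n, naive, hardened in compare(cases, SRC_LEN):
        print(f"start={s:#x} length={n:#x} naive={naive} hardened={hardened}")
```

The two wrapping cases are the ones a regression test for this class of bug needs: both pass the naive check and both are rejected once the overflow condition is tested alongside the bounds condition.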
Member

@fubuloubu fubuloubu left a comment

Requires a test

@charles-cooper
Member Author

actually i forgot to put this back into draft since i haven't had time to look into the test failures yet

@charles-cooper charles-cooper marked this pull request as draft February 27, 2024 22:43
@codecov-commenter
codecov-commenter commented Mar 16, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 86.05%. Comparing base (e589278) to head (c10b6c7).
Report is 1 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #3818      +/-   ##
==========================================
- Coverage   86.33%   86.05%   -0.28%     
==========================================
  Files          92       92              
  Lines       14010    14024      +14     
  Branches     3077     3081       +4     
==========================================
- Hits        12096    12069      -27     
- Misses       1484     1523      +39     
- Partials      430      432       +2     

@charles-cooper charles-cooper marked this pull request as ready for review March 18, 2024 17:22
@charles-cooper charles-cooper enabled auto-merge (squash) March 21, 2024 21:00
@charles-cooper charles-cooper merged commit f8d4b97 into vyperlang:master Mar 21, 2024
146 checks passed
@charles-cooper charles-cooper deleted the fix/slice-overflow branch March 21, 2024 21:24
electriclilies pushed a commit to electriclilies/vyper that referenced this pull request Apr 27, 2024

Co-authored-by: cyberthirst <cyberthirst.eth@gmail.com>
Successfully merging this pull request may close these issues.

invalid bounds check for slice()
5 participants