Test encoding raw slices does not allows buffer overflows (#6699)

## Description Test for #6686 buffer overflow on `Bytes` encoding. This test fails without the fix and pass with it. ## Checklist - [x] I have linked to any relevant issues. - [x] I have commented my code, particularly in hard-to-understand areas. - [ ] I have updated the documentation where relevant (API docs, the reference, and the Sway book). - [ ] If my change requires substantial documentation changes, I have [requested support from the DevRel team](https://github.com/FuelLabs/devrel-requests/issues/new/choose) - [x] I have added tests that prove my fix is effective or that my feature works. - [ ] I have added (or requested a maintainer to add) the necessary `Breaking*` or `New Feature` labels where relevant. - [x] I have done my best to ensure that my PR adheres to [the Fuel Labs Code Review Standards](https://github.com/FuelLabs/rfcs/blob/master/text/code-standards/external-contributors.md). - [x] I have requested a review from the relevant team or maintainers. --------- Co-authored-by: Joshua Batty <joshpbatty@gmail.com> Co-authored-by: Sophie Dankel <47993817+sdankel@users.noreply.github.com>
FuelLabs · Nov 13, 2024 · 861ca10 · 861ca10
1 parent f39a494
commit 861ca10
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/sway-lib-std/src/bytes.sw b/sway-lib-std/src/bytes.sw
@@ -950,3 +950,33 @@ fn ok_bytes_buffer_ownership() {
     let mut bytes = abi_decode::<Bytes>(encoded_slice);
     assert(bytes.get(0) == Some(5));
 }
+
+#[test]
+fn ok_bytes_bigger_than_3064() {
+    let mut v: Bytes = Bytes::new();
+
+    // We allocate 1024 bytes initially, this is throw away because 
+    // it is not big enough for the buffer.
+    // Then we used to double the buffer to 2048.
+    // Then we write an `u64` with the length of the buffer.
+    // Then we write the buffer itself.
+    // (1024 + 2048) - 8 = 3064
+    // Thus, we need a buffer with 3065 bytes to write into the red zone
+    let mut a = 3065;
+    while a > 0 {
+        v.push(1u8);
+        a -= 1;
+    }
+
+    // This red zone should not be overwritten
+    let red_zone = asm(size: 1024) {
+        aloc size;
+        hp: raw_ptr
+    };
+    red_zone.write(0xFFFFFFFFFFFFFFFF);
+    assert(red_zone.read::<u64>() == 0xFFFFFFFFFFFFFFFF);
+
+    let _ = encode(v);
+
+    assert(red_zone.read::<u64>() == 0xFFFFFFFFFFFFFFFF);
+}