fix(waves): Fix potential size_t to uint16_t incorrect cast #4681
sergei-boiko-trustwallet merged 3 commits into master
Pull request overview
Adds a defensive validation to TW::Waves::encodeDynamicLengthBytes to prevent encoding lengths that exceed what can be represented in the 16-bit length prefix.
Changes:
- Introduces a maximum-length check intended to prevent size_t→uint16_t truncation during encoding.
- Throws an exception when the input exceeds the allowed length boundary.
Comments suppressed due to low confidence (1)
src/Waves/BinaryCoding.h:21
- Once the size check is corrected to guard bytes.size(), please add a unit test that exercises the new failure mode (e.g., bytes.size() == uint16_t::max() + 1 should throw) to prevent regressions in this encoding boundary.
    constexpr auto dataLimit = static_cast<size_t>(std::numeric_limits<uint16_t>::max());
    if (data.size() > dataLimit) {
        throw std::invalid_argument("Data size exceeds maximum allowed length");
    }
    encode16BE(static_cast<uint16_t>(bytes.size()), data);
Binary size comparison
➡️ aarch64-apple-ios: 14.34 MB
➡️ aarch64-apple-ios-sim: 14.34 MB
➡️ aarch64-linux-android: 18.77 MB
➡️ armv7-linux-androideabi: 16.20 MB
➡️ wasm32-unknown-emscripten: 13.68 MB
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.
Comments suppressed due to low confidence (1)
src/Waves/BinaryCoding.h:21
std::invalid_argument is used here, but this header does not include <stdexcept>. Relying on transitive includes is not guaranteed and can break compilation depending on include order; add #include <stdexcept> to keep the header self-contained.
    if (bytes.size() > limit) {
        throw std::invalid_argument("Data size exceeds maximum allowed length");
    }
This pull request introduces an important validation to the encodeDynamicLengthBytes function in src/Waves/BinaryCoding.h, ensuring that encoded data does not exceed the maximum allowed length.

Validation improvements:
- encodeDynamicLengthBytes to throw an exception if the data size exceeds the uint16_t maximum, preventing oversized data from being encoded.
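
An added example, not code from this pull request or from the project: a standalone sketch of the size_t to uint16_t truncation discussed above and of a guard placed on the payload size. Bytes, put16BE, encodeUnchecked, encodeChecked, declaredLength and checkedRejects are hypothetical names, and the prefix is assumed to be 16-bit big-endian as the name encode16BE suggests.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<uint8_t>; // stand-in for the project's byte buffer type (assumption)

// Append a 16-bit big-endian value (simplified stand-in for encode16BE).
inline void put16BE(uint16_t v, Bytes& out) {
    out.push_back(static_cast<uint8_t>(v >> 8));
    out.push_back(static_cast<uint8_t>(v & 0xFF));
}

// Before: the cast silently keeps only the low 16 bits of the size.
inline void encodeUnchecked(const Bytes& bytes, Bytes& out) {
    put16BE(static_cast<uint16_t>(bytes.size()), out);
    out.insert(out.end(), bytes.begin(), bytes.end());
}

// After: reject any payload whose length cannot be represented in the prefix.
// The check is on the payload (bytes), not on the output buffer.
inline void encodeChecked(const Bytes& bytes, Bytes& out) {
    constexpr auto limit = static_cast<size_t>(std::numeric_limits<uint16_t>::max());
    if (bytes.size() > limit) {
        throw std::invalid_argument("Data size exceeds maximum allowed length");
    }
    put16BE(static_cast<uint16_t>(bytes.size()), out);
    out.insert(out.end(), bytes.begin(), bytes.end());
}

// Length a decoder would read back from the first two bytes.
inline size_t declaredLength(const Bytes& encoded) {
    return (static_cast<size_t>(encoded.at(0)) << 8) | encoded.at(1);
}

// True if encodeChecked rejects a payload of n bytes.
inline bool checkedRejects(size_t n) {
    Bytes out;
    try { encodeChecked(Bytes(n, 0xAA), out); } catch (const std::invalid_argument&) { return true; }
    return false;
}

int main() {
    Bytes out;
    encodeUnchecked(Bytes(65537, 0xAA), out); // constructed oversized payload
    std::printf("prefix declares %zu bytes, buffer holds %zu\n", declaredLength(out), out.size() - 2);
    std::printf("checked rejects 65536 bytes: %s\n", checkedRejects(65536) ? "yes" : "no");
}
```

With the unchecked version, the declared length and the bytes actually written disagree, so a decoder that trusts the prefix would treat the remaining payload as the next fields.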