rlp.decode_to_bytes doesn't raise with negative decoded len #3

ClementWalter · 2024-11-14T09:55:20Z

Using rlp.decode_to_bytes(encoded_bytes=b'Q59:\xba\xf4\xda\x05\xb7') returns b'' because it silently slices the input data with a negative len

def decode_to_bytes(encoded_bytes: Bytes) -> Bytes:
    """
    Decodes a rlp encoded byte stream assuming that the decoded data
    should be of type `bytes`.

    Parameters
    ----------
    encoded_bytes :
        RLP encoded byte stream.

    Returns
    -------
    decoded : `ethereum.base_types.Bytes`
        RLP decoded Bytes data
    """
    if len(encoded_bytes) == 1 and encoded_bytes[0] < 0x80:
        return encoded_bytes
    elif encoded_bytes[0] <= 0xB7:
        len_raw_data = encoded_bytes[0] - 0x80

----> here len_raw_data = -47

        if len_raw_data >= len(encoded_bytes):
            raise RLPDecodingError
        raw_data = encoded_bytes[1 : 1 + len_raw_data]
        if len_raw_data == 1 and raw_data[0] < 0x80:
            raise RLPDecodingError
        return raw_data

Some other examples

encoded_bytes=b'~\xbc\xc5^\xbe\xff' gives len_raw_data = -2 and do return a bytes

I think that if len_raw_data >= len(encoded_bytes) should also check for negative lengths.

The text was updated successfully, but these errors were encountered:

SamWilsn transferred this issue from ethereum/execution-specs Nov 14, 2024

SamWilsn added the bug Something isn't working label Nov 14, 2024

SamWilsn assigned ClementWalter Nov 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

rlp.decode_to_bytes doesn't raise with negative decoded len #3

rlp.decode_to_bytes doesn't raise with negative decoded len #3

ClementWalter commented Nov 14, 2024 •

edited

Loading

rlp.decode_to_bytes doesn't raise with negative decoded len #3

rlp.decode_to_bytes doesn't raise with negative decoded len #3

Comments

ClementWalter commented Nov 14, 2024 • edited Loading

ClementWalter commented Nov 14, 2024 •

edited

Loading