Bug: Panic in hex_decode Function

[biryukovmaxim]

In the faster-hex library, specifically in version 0.8.1, a change was made to the hex_decode function's logical check of length. This change has caused a panic in certain scenarios, which did not occur in version 0.6.1.

Steps to Reproduce

Use faster-hex version 0.8.1.
Execute the following code:

fn main() {
    let short_str = b"8e40af02265360d59f4ecf9ae9ebf8f00a3118408f5a9cdcbcc9c0f93642f3"; // 62 bytes
    let mut dst = [0u8; 32];
    assert!(
        matches!(faster_hex::hex_decode(short_str.as_slice(), &mut dst), Err(faster_hex::Error::InvalidLength(len)) if len == 64)
    )
}

Expected Behavior

In version 0.6.1, the provided code snippet works as expected, and the assertion does not fail. The function returns an error.

Actual Behavior

In version 0.8.1, the provided code snippet causes a panic with the following error message:
range start index 64 out of range for slice of length 62

stack trace:

stack backtrace:
   0: rust_begin_unwind
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/std/src/panicking.rs:595:5
   1: core::panicking::panic_fmt
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/panicking.rs:67:14
   2: core::slice::index::slice_start_index_len_fail_rt
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/slice/index.rs:52:5
   3: core::slice::index::slice_start_index_len_fail
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/slice/index.rs:40:9
   4: <core::ops::range::RangeFrom<usize> as core::slice::index::SliceIndex<[T]>>::index
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/slice/index.rs:497:13
   5: core::slice::index::<impl core::ops::index::Index<I> for [T]>::index
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/slice/index.rs:18:9
   6: faster_hex::decode::hex_decode_avx2
             at /home/maksim/.cargo/registry/src/index.crates.io-6f17d22bba15001f/faster-hex-0.8.1/src/decode.rs:296:19
   7: faster_hex::decode::hex_decode_unchecked
             at /home/maksim/.cargo/registry/src/index.crates.io-6f17d22bba15001f/faster-hex-0.8.1/src/decode.rs:250:52
   8: faster_hex::decode::hex_decode_with_case
             at /home/maksim/.cargo/registry/src/index.crates.io-6f17d22bba15001f/faster-hex-0.8.1/src/decode.rs:242:5
   9: faster_hex::decode::hex_decode
             at /home/maksim/.cargo/registry/src/index.crates.io-6f17d22bba15001f/faster-hex-0.8.1/src/decode.rs:216:5
  10: testing::main
             at ./src/main.rs:5:18
  11: core::ops::function::FnOnce::call_once
             at /rustc/cc66ad468955717ab92600c770da8c1601a4ff33/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

Version Information

faster-hex version 0.8.1 (where the issue is observed)
faster-hex version 0.6.1 (where the issue is not observed)

this is the code of checking length in 0.8.1 version:

 let expect_dst_len = src.len().checked_div(2).unwrap();

    if dst.len() < expect_dst_len {
        return Err(Error::InvalidLength(dst.len()));
    }

this is what was there before:

   let len = dst.len().checked_mul(2).unwrap();
   if src.len() < len || ((src.len() & 1) != 0) {
       return Err(Error::InvalidLength(len));

Expected Resolution

return previous check or add additional check of dst length

[eval-exec]

This bug was introduced by #27

[biryukovmaxim]

@zhangsoledad what do you think about publishing a new version?