Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fuzz bug: InternalError: deserialize a non-representable scval #1174

Closed
graydon opened this issue Nov 3, 2023 · 0 comments · Fixed by #1180
Closed

Fuzz bug: InternalError: deserialize a non-representable scval #1174

graydon opened this issue Nov 3, 2023 · 0 comments · Fixed by #1180
Assignees
@graydon
Labels
bug Something isn't working fuzz

Comments

@graydon
Copy link
Contributor

graydon commented Nov 3, 2023 

   1: [Diagnostic Event] contract:0000000000000000000000000000000000000000000000000000000000000000, topics:[error, Error(Value, InternalError)], data:["unexpected non-Val-representable ScVal type", 20]

inside a call to deserialize_from_bytes, from this program:

	Expr(
	    deserialize_from_bytes(
	        bytes_push(
	            bytes_pop(
	                serialize_to_bytes(
	                    vec_back(
	                        vec_push_back(
	                            vec_new_or_existing(
	                                0,
	                            ),
	                            sub_Void(
	                                extend_contract_instance_and_code(
	                                    get_current_contract_address,
	                                    get_ledger_version,
	                                    get_ledger_version,
	                                ),
	                            ),
	                        ),
	                    ),
	                ),
	            ),
	            get_ledger_version,
	        ),
	    ),
	)

Probably just a little too quick to treat non-representability as InternalError rather than potentially-user-controlled input.
@graydon graydon added the bug Something isn't working label Nov 3, 2023
@graydon graydon self-assigned this Nov 3, 2023
@graydon graydon transferred this issue from stellar/quickstart Nov 3, 2023
@graydon graydon added the fuzz label Nov 3, 2023
graydon added a commit that referenced this issue Nov 7, 2023
@graydon
Fix #1174 fuzzer-found deserialization of non-representable ScVal bug.
5660f99
@graydon graydon mentioned this issue Nov 7, 2023
Merged
graydon added a commit that referenced this issue Nov 9, 2023
@graydon
Fix #1174 fuzzer-found deserialization of non-representable ScVal bug.
3035462
github-merge-queue bot pushed a commit that referenced this issue Nov 9, 2023
@graydon
Fix #1174 fuzzer-found deserialization of non-representable ScVal bug. (
44ffc41 
#1180)

Fixes #1174
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@graydon graydon

Labels
bug Something isn't working fuzz
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix #1174 fuzzer-found deserialization of non-representable ScVal bug. stellar/rs-soroban-env
1 participant
@graydon