Fix string alloc (#28)

* Fix non guarded alloc in string deserialization * Bump version to 0.2.7
near · Oct 20, 2019 · d77b8a5 · d77b8a5
1 parent c5693fc
commit d77b8a5
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 13 deletions.
diff --git a/borsh-rs/Cargo.lock b/borsh-rs/Cargo.lock
diff --git a/borsh-rs/borsh-derive-internal/Cargo.toml b/borsh-rs/borsh-derive-internal/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "borsh-derive-internal"
-version = "0.2.6"
+version = "0.2.7"
 authors = ["Near Inc <hello@nearprotocol.com>"]
 edition = "2018"
 license = "Apache-2.0"

diff --git a/borsh-rs/borsh-derive/Cargo.toml b/borsh-rs/borsh-derive/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "borsh-derive"
-version = "0.2.6"
+version = "0.2.7"
 authors = ["Near Inc <hello@nearprotocol.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -16,6 +16,6 @@ Binary Object Representation Serializer for Hashing
 proc-macro = true
 
 [dependencies]
-borsh-derive-internal = { path = "../borsh-derive-internal" , version="0.2.6"}
+borsh-derive-internal = { path = "../borsh-derive-internal" , version="0.2.7"}
 syn = {version = "1", features = ["full", "fold"] }
 
diff --git a/borsh-rs/borsh/Cargo.toml b/borsh-rs/borsh/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "borsh"
-version = "0.2.6"
+version = "0.2.7"
 authors = ["Near Inc <hello@nearprotocol.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -13,7 +13,7 @@ Binary Object Representation Serializer for Hashing
 """
 
 [dependencies]
-borsh-derive = { path = "../borsh-derive", version = "0.2.6" }
+borsh-derive = { path = "../borsh-derive", version = "0.2.7" }
 
 [features]
 default = ["std"]

diff --git a/borsh-rs/borsh/src/de/mod.rs b/borsh-rs/borsh/src/de/mod.rs
@@ -109,8 +109,11 @@ impl BorshDeserialize for String {
     #[inline]
     fn deserialize<R: Read>(reader: &mut R) -> Result<Self, Error> {
         let len = u32::deserialize(reader)?;
-        let mut result = vec![0; len as usize];
-        reader.read_exact(&mut result)?;
+        // TODO(16): return capacity allocation when we have the size of the buffer left from the reader.
+        let mut result = Vec::new();
+        for _ in 0..len {
+            result.push(u8::deserialize(reader)?);
+        }
         String::from_utf8(result)
             .map_err(|err| std::io::Error::new(std::io::ErrorKind::InvalidData, err.to_string()))
     }

diff --git a/borsh-rs/borsh/tests/test_de_errors.rs b/borsh-rs/borsh/tests/test_de_errors.rs
@@ -48,6 +48,12 @@ fn test_invalid_length() {
     assert_eq!(<Vec<u64>>::try_from_slice(&bytes).unwrap_err().to_string(), "failed to fill whole buffer");
 }
 
+#[test]
+fn test_invalid_length_string() {
+    let bytes = vec![255u8; 4];
+    assert_eq!(String::try_from_slice(&bytes).unwrap_err().to_string(), "failed to fill whole buffer");
+}
+
 #[test]
 fn test_non_utf_string() {
     let bytes = vec![1, 0, 0, 0, 0xC0];