diff options
| author | Buldram <buldram@proton.me> | 2024-07-22 01:11:14 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-22 07:11:14 +0200 |
| commit | 2d2a7f23471270392baf64855ae205c287888e7d (patch) | |
| tree | 417b7e71f23c847774626c0817653bb6df246642 /lib/std | |
| parent | 1c287fb960231366550db35f759b146a9330e73a (diff) | |
| download | Nim-2d2a7f23471270392baf64855ae205c287888e7d.tar.gz | |
Fix out-of-bounds slicing in std/varints (#23868)
Corrects a slicing mistake in the `std/varints` implementation which caused it to fail when writing large numbers into buffers smaller than 10..13-bytes, now 9-byte buffers are sufficient as the documentation states.
Diffstat (limited to 'lib/std')
| -rw-r--r-- | lib/std/varints.nim | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/std/varints.nim b/lib/std/varints.nim index 0d18b9069..32fe2fffb 100644 --- a/lib/std/varints.nim +++ b/lib/std/varints.nim @@ -82,29 +82,29 @@ proc writeVu64*(z: var openArray[byte], x: uint64): int = z[3] = cast[uint8](y) return 4 z[0] = 251 - varintWrite32(toOpenArray(z, 1, z.high-1), y) + varintWrite32(toOpenArray(z, 1, 4), y) return 5 if w <= 255: z[0] = 252 z[1] = cast[uint8](w) - varintWrite32(toOpenArray(z, 2, z.high-2), y) + varintWrite32(toOpenArray(z, 2, 5), y) return 6 if w <= 65535: z[0] = 253 z[1] = cast[uint8](w shr 8) z[2] = cast[uint8](w) - varintWrite32(toOpenArray(z, 3, z.high-3), y) + varintWrite32(toOpenArray(z, 3, 6), y) return 7 if w <= 16777215: z[0] = 254 z[1] = cast[uint8](w shr 16) z[2] = cast[uint8](w shr 8) z[3] = cast[uint8](w) - varintWrite32(toOpenArray(z, 4, z.high-4), y) + varintWrite32(toOpenArray(z, 4, 7), y) return 8 z[0] = 255 - varintWrite32(toOpenArray(z, 1, z.high-1), w) - varintWrite32(toOpenArray(z, 5, z.high-5), y) + varintWrite32(toOpenArray(z, 1, 4), w) + varintWrite32(toOpenArray(z, 5, 8), y) return 9 proc sar(a, b: int64): int64 = |