added checks for invalid inputs

rasros · rasros · commit 0322b04fa6c6 · 2025-12-02T10:30:54.000+01:00
diff --git a/src/main/kotlin/com/eignex/kencode/PackedDecoder.kt b/src/main/kotlin/com/eignex/kencode/PackedDecoder.kt
@@ -67,6 +67,9 @@ class PackedDecoder(
         return if (inStructure) {
             decodeBooleanElement(currentDescriptor, currentIndex)
         } else {
+            require(position < input.size) {
+                "Unexpected EOF while decoding Boolean"
+            }
             input[position++].toInt() != 0
         }
     }
@@ -75,6 +78,9 @@ class PackedDecoder(
         return if (inStructure) {
             decodeByteElement(currentDescriptor, currentIndex)
         } else {
+            require(position < input.size) {
+                "Unexpected EOF while decoding Byte"
+            }
             input[position++]
         }
     }
@@ -133,6 +139,9 @@ class PackedDecoder(
         } else {
             val (len, bytesRead) = PackedUtils.decodeVarInt(input, position)
             position += bytesRead
+            require(len >= 0 && position + len <= input.size) {
+                "Unexpected EOF while decoding String payload: need $len bytes from position=$position, size=${input.size}"
+            }
             val bytes = input.copyOfRange(position, position + len)
             position += len
             bytes.toString(Charsets.UTF_8)
@@ -248,6 +257,9 @@ class PackedDecoder(
         descriptor: SerialDescriptor,
         index: Int
     ): Byte {
+        require(position < input.size) {
+            "Unexpected EOF while decoding Byte element at index $index"
+        }
         return input[position++]
     }
 
@@ -285,6 +297,9 @@ class PackedDecoder(
     ): String {
         val (len, bytesRead) = PackedUtils.decodeVarInt(input, position)
         position += bytesRead
+        require(len >= 0 && position + len <= input.size) {
+            "Unexpected EOF while decoding String element at index $index: need $len bytes from position=$position, size=${input.size}"
+        }
         val bytes = input.copyOfRange(position, position + len)
         position += len
         return bytes.toString(Charsets.UTF_8)
@@ -369,10 +384,9 @@ class PackedDecoder(
         }
     }
 
-
     private fun readUtf8Char(): Char {
-        if (position >= input.size) {
-            error("Unexpected EOF while decoding UTF-8 char")
+        require(position < input.size) {
+            "Unexpected EOF while decoding UTF-8 char"
         }
 
         val b0 = input[position].toInt() and 0xFF
@@ -385,10 +399,12 @@ class PackedDecoder(
 
             // 2-byte: 110xxxxx 10xxxxxx
             (b0 and 0b1110_0000) == 0b1100_0000 -> {
-                if (position + 2 > input.size) error("Unexpected EOF in 2-byte UTF-8 char")
+                require(position + 2 <= input.size) {
+                    "Unexpected EOF in 2-byte UTF-8 char"
+                }
                 val b1 = input[position + 1].toInt() and 0xFF
-                if ((b1 and 0b1100_0000) != 0b1000_0000) {
-                    error("Invalid UTF-8 continuation byte: 0x${b1.toString(16)}")
+                require((b1 and 0b1100_0000) == 0b1000_0000) {
+                    "Invalid UTF-8 continuation byte: 0x${b1.toString(16)}"
                 }
                 val codePoint =
                     ((b0 and 0b0001_1111) shl 6) or
@@ -398,13 +414,14 @@ class PackedDecoder(
 
             // 3-byte: 1110xxxx 10xxxxxx 10xxxxxx
             (b0 and 0b1111_0000) == 0b1110_0000 -> {
-                if (position + 3 > input.size) error("Unexpected EOF in 3-byte UTF-8 char")
+                require(position + 3 <= input.size) {
+                    "Unexpected EOF in 3-byte UTF-8 char"
+                }
                 val b1 = input[position + 1].toInt() and 0xFF
                 val b2 = input[position + 2].toInt() and 0xFF
-                if ((b1 and 0b1100_0000) != 0b1000_0000 ||
-                    (b2 and 0b1100_0000) != 0b1000_0000
-                ) {
-                    error("Invalid UTF-8 continuation byte in 3-byte char")
+                require((b1 and 0b1100_0000) == 0b1000_0000 &&
+                        (b2 and 0b1100_0000) == 0b1000_0000) {
+                    "Invalid UTF-8 continuation byte in 3-byte char"
                 }
                 val codePoint =
                     ((b0 and 0b0000_1111) shl 12) or
@@ -413,7 +430,9 @@ class PackedDecoder(
                 3 to codePoint
             }
 
-            else -> error("UTF-8 sequence too long for Char (leading byte: 0x${b0.toString(16)})")
+            else -> throw IllegalArgumentException(
+                "UTF-8 sequence too long for Char (leading byte: 0x${b0.toString(16)})"
+            )
         }
 
         position += len
@@ -422,5 +441,4 @@ class PackedDecoder(
         // since Char is a UTF-16 code unit.
         return cp.toChar()
     }
-
 }
diff --git a/src/main/kotlin/com/eignex/kencode/PackedUtils.kt b/src/main/kotlin/com/eignex/kencode/PackedUtils.kt
@@ -3,7 +3,18 @@ package com.eignex.kencode
 import java.io.ByteArrayOutputStream
 
 internal object PackedUtils {
-    // flags -> int/long
+
+    private fun requireAvailable(
+        data: ByteArray,
+        offset: Int,
+        needed: Int,
+        what: String
+    ) {
+        require(offset >= 0 && needed >= 0 && offset + needed <= data.size) {
+            "Unexpected EOF while decoding $what: need $needed bytes from offset=$offset, size=${data.size}"
+        }
+    }
+
     fun packFlagsToLong(vararg flags: Boolean): Long {
         var result = 0L
         for (i in flags.indices) {
@@ -57,12 +68,14 @@ internal object PackedUtils {
     }
 
     fun readShort(data: ByteArray, offset: Int): Short {
+        requireAvailable(data, offset, 2, "Short")
         val b0 = data[offset].toInt() and 0xFF
         val b1 = data[offset + 1].toInt() and 0xFF
         return ((b0 shl 8) or b1).toShort()
     }
 
     fun readInt(data: ByteArray, offset: Int): Int {
+        requireAvailable(data, offset, 4, "Int")
         var v = 0
         for (i in 0 until 4) {
             v = (v shl 8) or (data[offset + i].toInt() and 0xFF)
@@ -71,13 +84,17 @@ internal object PackedUtils {
     }
 
     fun readLong(data: ByteArray, offset: Int): Long {
+        requireAvailable(data, offset, 8, "Long")
         var v = 0L
         for (i in 0 until 8) {
             v = (v shl 8) or (data[offset + i].toLong() and 0xFFL)
         }
         return v
     }
 
+    // ------------------------------------------------------------
+    // LEB128 VarInt / VarLong writers
+    // ------------------------------------------------------------
     fun writeVarInt(value: Int, out: ByteArrayOutputStream) {
         var v = value
         while (true) {
@@ -104,19 +121,24 @@ internal object PackedUtils {
         }
     }
 
+    // ------------------------------------------------------------
+    // LEB128 VarInt / VarLong decoders (with EOF checking)
+    // ------------------------------------------------------------
     fun decodeVarInt(input: ByteArray, offset: Int): Pair<Int, Int> {
         var result = 0
         var shift = 0
         var pos = offset
         while (true) {
-            if (pos >= input.size) error("Unexpected EOF while decoding VarInt")
+            require(pos < input.size) {
+                "Unexpected EOF while decoding VarInt"
+            }
             val b = input[pos++].toInt() and 0xFF
             result = result or ((b and 0x7F) shl shift)
             if (b and 0x80 == 0) {
                 return result to (pos - offset)
             }
             shift += 7
-            if (shift > 35) error("VarInt too long")
+            require(shift <= 35) { "VarInt too long" }
         }
     }
 
@@ -125,14 +147,16 @@ internal object PackedUtils {
         var shift = 0
         var pos = offset
         while (true) {
-            if (pos >= input.size) error("Unexpected EOF while decoding VarLong")
+            require(pos < input.size) {
+                "Unexpected EOF while decoding VarLong"
+            }
             val b = input[pos++].toInt() and 0xFF
             result = result or ((b and 0x7F).toLong() shl shift)
             if (b and 0x80 == 0) {
                 return result to (pos - offset)
             }
             shift += 7
-            if (shift > 70) error("VarLong too long")
+            require(shift <= 70) { "VarLong too long" }
         }
     }
 }
diff --git a/src/test/kotlin/com/eignex/kencode/PackedFormatTest.kt b/src/test/kotlin/com/eignex/kencode/PackedFormatTest.kt
@@ -115,6 +115,16 @@ class PackedFormatTest {
         val seq: Int
     )
 
+    @Serializable
+    data class Child(val value: Int)
+
+    @Serializable
+    data class Parent(val id: Int, val child: Child)
+
+    @Serializable
+    data class WithList(val id: Int, val items: List<Int>)
+
+
     private fun <T> roundtrip(
         serializer: KSerializer<T>, value: T
     ) {
@@ -518,4 +528,76 @@ class PackedFormatTest {
         assertNull(result)
     }
 
+    @Test
+    fun `single continuation byte should throw for top level char`() {
+        // 0x80 is a continuation byte without a valid leading byte.
+        val bytes = byteArrayOf(0x80.toByte())
+        val decoder = PackedDecoder(bytes)
+
+        assertFailsWith<IllegalArgumentException> {
+            decoder.decodeSerializableValue(Char.serializer())
+        }
+    }
+
+    @Test
+    fun `truncated 2-byte sequence should throw for top level char`() {
+        // 0xC2 is a valid leading byte for a 2-byte sequence, but we don't
+        // provide the required continuation byte → Unexpected EOF.
+        val bytes = byteArrayOf(0xC2.toByte())
+        val decoder = PackedDecoder(bytes)
+
+        assertFailsWith<IllegalArgumentException> {
+            decoder.decodeSerializableValue(Char.serializer())
+        }
+    }
+
+    @Test
+    fun `invalid continuation byte should throw for top level char`() {
+        // 0xC2 expects a continuation byte (10xxxxxx); 0x41 ('A') is invalid.
+        val bytes = byteArrayOf(0xC2.toByte(), 0x41)
+        val decoder = PackedDecoder(bytes)
+
+        assertFailsWith<IllegalArgumentException> {
+            decoder.decodeSerializableValue(Char.serializer())
+        }
+    }
+
+    @Test
+    fun `encoding nested class with PackedFormat should throw`() {
+        val value = Parent(id = 1, child = Child(2))
+
+        assertFailsWith<IllegalStateException> {
+            PackedFormat.encodeToByteArray(Parent.serializer(), value)
+        }
+    }
+
+    @Test
+    fun `encoding list field with PackedFormat should throw`() {
+        val value = WithList(id = 1, items = listOf(1, 2, 3))
+
+        assertFailsWith<IllegalStateException> {
+            PackedFormat.encodeToByteArray(WithList.serializer(), value)
+        }
+    }
+
+    @Test
+    fun `decoding nested class with PackedFormat should throw`() {
+        // Minimal bytes: a single 0x00 varlong for flags; actual payload is irrelevant
+        // because the decoder rejects nested structures based on the descriptor
+        // before deserializing the nested value.
+        val bytes = byteArrayOf(0x00)
+
+        assertFailsWith<IllegalArgumentException> {
+            PackedFormat.decodeFromByteArray(Parent.serializer(), bytes)
+        }
+    }
+
+    @Test
+    fun `decoding list field with PackedFormat should throw`() {
+        val bytes = byteArrayOf(0x00)
+
+        assertFailsWith<IllegalArgumentException> {
+            PackedFormat.decodeFromByteArray(WithList.serializer(), bytes)
+        }
+    }
 }
