From 4234244a96bcaa5f8a316edbc3315f2ec312a5e2 Mon Sep 17 00:00:00 2001
From: Chris Dickinson <christopher.s.dickinson@gmail.com>
Date: Mon, 28 Sep 2020 10:08:32 -0700
Subject: [PATCH] Revert "Revert "add bounds checking to encode and decode""

This reverts commit 614645bb0389c8059a89dff80ed7ee308ff8a730.
---
 decode.js |  2 +-
 encode.js |  4 ++++
 test.js   | 23 ++++++++++++++++++++---
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/decode.js b/decode.js
index 4d274c2..80d49f2 100644
--- a/decode.js
+++ b/decode.js
@@ -12,7 +12,7 @@ function read(buf, offset) {
     , l = buf.length
 
   do {
-    if (counter >= l) {
+    if (counter >= l || shift > 49) {
       read.bytes = 0
       throw new RangeError('Could not decode varint')
     }
diff --git a/encode.js b/encode.js
index d395723..f4ecb8d 100644
--- a/encode.js
+++ b/encode.js
@@ -6,6 +6,10 @@ var MSB = 0x80
   , INT = Math.pow(2, 31)
 
 function encode(num, out, offset) {
+  if (num > Number.MAX_SAFE_INTEGER) {
+    encode.bytes = 0
+    throw new RangeError('Could not encode varint')
+  }
   out = out || []
   offset = offset || 0
   var oldOffset = offset
diff --git a/test.js b/test.js
index 0138ff4..a55c03c 100644
--- a/test.js
+++ b/test.js
@@ -77,7 +77,6 @@ test('big integers', function (assert) {
   var bigs = []
   for(var i = 32; i <= 53; i++) (function (i) {
     bigs.push(Math.pow(2, i) - 1)
-    bigs.push(Math.pow(2, i))
   })(i)
 
   bigs.forEach(function (n) {
@@ -93,7 +92,7 @@ test('fuzz test - big', function(assert) {
   var expect
     , encoded
 
-  var MAX_INTD = Math.pow(2, 55)
+  var MAX_INTD = Number.MAX_SAFE_INTEGER
   var MAX_INT = Math.pow(2, 31)
 
   for(var i = 0, len = 100; i < len; ++i) {
@@ -110,7 +109,7 @@ test('fuzz test - big', function(assert) {
 test('encodingLength', function (assert) {
 
   for(var i = 0; i <= 53; i++) {
-    var n = Math.pow(2, i)
+    var n = Math.pow(2, i) - 1
     assert.equal(encode(n).length, encodingLength(n))
   }
 
@@ -134,6 +133,24 @@ test('buffer too short', function (assert) {
   assert.end()
 })
 
+test('buffer too long', function (assert) {
+
+  var buffer = Uint8Array.from(
+    Array.from({length: 150}, function () { return 0xff })
+      .concat(Array.from({length: 1}, function () { return 0x1 }))
+  )
+
+  try {
+    var val = decode(buffer)
+    encode(val)
+    assert.fail('expected an error received value instead: ' + val)
+  } catch (err) {
+    assert.equal(err.constructor, RangeError)
+    assert.equal(decode.bytes, 0)
+  }
+  assert.end()
+})
+
 function randint(range) {
   return Math.floor(Math.random() * range)
 }