Check invariants after deserialization

[Mrmaxmeier]

Xref: solana-labs/solana#8873

The travis failure seems unrelated.

[ryoqun]

@tov Hi, thanks for maintaining this crate! To add more context, this is a DoS remote-exploitable vulnerability when directly exposed to an untrusted byte stream upon the consumption of such badly-deserialized BitVecs.

When len is abnormally out of range of bits (which could happen currently by deserializing a mal-formed BitVec), a BitVec illegally accesses memory causing a SEGV like this. So, we're currently [patch]-ing this PR, hoping to be fiexed upstream in some near future. For that purpose, I'm really eager to lend some hands like writing tests.

@Mrmaxmeier Last but least, thanks for writing a PR for us. :) I've confirmed this PR actually fixes the security hole and I think this is a correct solution to it.

[tov]

@Mrmaxmeier, thanks for the PR and nice catch @ryoqun, thanks for the explanation. I’m going to read the changes and look into the CI failure, and then presumably merge this and release.

[ryoqun]

@Mrmaxmeier I think rebasing this on the recently-merged commit solves the CI failure. :)

[ryoqun]

@Mrmaxmeier I think rebasing this on the recently-merged commit solves the CI failure. :)

@Mrmaxmeier Thanks for doing so!

@tov Our side's job got done; Now please merge and release in your convenient time. :) Or is there other concerns?

[tov]

Sorry for being slow—it’s the end of the quarter. I was hoping to write some tests, but I will release now and do that later. Thanks!

[mvines]

woot, thanks @tov!