Dead flat code has bugs in it #7542

@effectfully

The following program:

```haskell
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE TemplateHaskell #-}

module Main (main) where

import GHC.Generics (Generic)
import Language.Haskell.TH (conT, cxt, dataD, derivClause, mkName, normalC)
import PlutusCore.Flat (Decoded, Flat, flat, unflat)

$( do
     let tyName = mkName "Big512"
         mkCon i = normalC (mkName ("C" <> show i)) []
         cons = mkCon <$> [0 .. (511 :: Int)]
     dec <- dataD (cxt []) tyName [] Nothing cons [derivClause Nothing [conT ''Show, conT ''Generic]]
     pure [dec]
 )

instance Flat Big512

data Attack = Attack Bool Bool Bool Bool Bool Bool Bool Big512
  deriving (Show, Generic)

instance Flat Attack

main :: IO ()
main = do
  let bs = flat (Attack False False False False False False False C0)
  putStrLn "about to unflat an infinite loop"
  print (unflat bs :: Decoded Attack)
```

consumes all available memory and crashes. I.e. deserializing large enum types is as unsafe as it gets using the derived Flat instance.

Now this isn't really a security issue, because you need a really large enum and you need to use the derived Flat instance, none of that happens in the actual UPLC code.

But this is a bug in the flat library and it's sitting there distracting people like me who're trying to find real issues with the code base.

Please remove all this dead code, you don't need these bugs randomly lying around there.
