Skip to content

[Bug] Long input to zencode_exec are truncated by terminal #1156

New issue
New issue
Closed
Closed
[Bug] Long input to zencode_exec are truncated by terminal#1156
@matteo-cristino

Description

@matteo-cristino
matteo-cristino
opened on Dec 4, 2025

When using the zencode_exec executable by running ./zencode_exec and then adding the input one by one can cause problem when input exceed the terminal input limit, for example my terminal limit seems to be 4096 and zencode-exec returned

Invalid input base64 encoding

beacuse my input was truncated...

Something similar, but not yet sure on what is happening is when using zencode-exec from go bidings.

To reproduce locally use

  • Contract:
# SPDX-License-Identifier: AGPL-3.0-or-later
# Copyright (C) 2022-2023 Dyne.org foundation <foundation@dyne.org>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

Scenario eddsa: verify the signature of a graph query

Given I have a 'base64' named 'gql'
Given I have a 'base64' named 'eddsa signature'
Given I have a 'base58' named 'eddsa public key'

# check that the graph query is reentrant
# When I create the count of char '{' found in 'graphql'
# and I rename 'count' to 'open'
# and I create the count of char '}' found in 'graphql'
# and I remove 'count'
# and I remove 'open'
# When I create the count of char '(' found in 'graphql'
# and I rename 'count' to 'open'
# and I create the count of char ')' found in 'graphql'
# and I remove 'count'
# and I remove 'open'
# When I create the count of char '[' found in 'graphql'
# and I rename 'count' to 'open'
# and I create the count of char ']' found in 'graphql'
# and I verify 'count' is equal to 'open'

# Fix Apollo's mingling with query string
When I remove spaces in 'gql'
and I compact ascii strings in 'gql'
When I verify the 'gql' has a eddsa signature in 'eddsa signature' by 'eddsa public key'

Then print the string '1'
  • keys
{
  "gql":"eyJwYWNrYWdpbmciOnsicmVjeWNsYWJsZVBhY2thZ2luZyI6eyJ0eXBlIjoiVGV4dCJ9LCJtaW5pbXVtUmVjeWNsZWRDb250ZW50Ijp7InR5cGUiOiJUZXh0In0sImRpc3Bvc2FsSW5zdHJ1Y3Rpb25zIjp7InR5cGUiOiJUZXh0In0sImNoZW1pY2FsQ29uc3VtcHRpb24iOnsiaW5ncmVkaWVudCI6eyJ0eXBlIjoiVGV4dCJ9LCJhbW91bnQiOnsidHlwZSI6IlRleHQifX19LCJpbmdyZWRpZW50cyI6eyJwcmVzZW5jZU9mTm9uQmlvZGVncmFkYWJsZU1pY3JvcGxhc3RpY3MiOnsidHlwZSI6IlRleHQifSwibWluaW11bUNvbnRlbnRPZkJpb2RlZ3JhZGFibGVTdWJzdGFuY2VzIjp7InR5cGUiOiJUZXh0In0sImluZ3JlZGllbnRMaXN0Ijp7InR5cGUiOiJUZXh0In19LCJkb3NhZ2VJbnN0cnVjdGlvbnMiOnsidXNhZ2VBbmREaXNwb3NhbEluZm8iOnsidHlwZSI6IlRleHQifX0sImNvbnN1bWVySW5mb3JtYXRpb24iOnsibWFya2V0aW5nQ2xhaW0iOnsidHlwZSI6IlRleHQifX0sInJlY3ljbGluZ0luZm9ybWF0aW9uIjp7ImRhdGVPZlJlY3ljbGluZyI6eyJ0eXBlIjoiVGV4dCJ9LCJwZXJmb3JtZWRBY3Rpb24iOnsidHlwZSI6IlRleHQifX0sInJlZnVyYmlzaG1lbnRJbmZvcm1hdGlvbiI6eyJkYXRlT2ZSZWZ1cmJpc2htZW50Ijp7InR5cGUiOiJUZXh0In0sIm1hdGVyaWFsc1VzZWQiOnsidHlwZSI6IlRleHQifSwicGVyZm9ybWVkQWN0aW9uIjp7InR5cGUiOiJUZXh0In19LCJyZXBhaXJJbmZvcm1hdGlvbiI6eyJkYXRlT2ZSZXBhaXIiOnsidHlwZSI6IlRleHQifSwibWF0ZXJpYWxzVXNlZCI6eyJ0eXBlIjoiVGV4dCJ9LCJwZXJmb3JtZWRBY3Rpb24iOnsidHlwZSI6IlRleHQifSwicmVhc29uRm9yUmVwYWlyIjp7InR5cGUiOiJUZXh0In19LCJlY29ub21pY09wZXJhdG9yIjp7ImNvbnRhY3RJbmZvcm1hdGlvbiI6eyJ0eXBlIjoiVGV4dCJ9LCJhZGRyZXNzTGluZTIiOnsidHlwZSI6IlRleHQifSwiYWRkcmVzc0xpbmUxIjp7InR5cGUiOiJUZXh0In0sImVvcmlOdW1iZXIiOnsidHlwZSI6IlRleHQifSwiZ2xuIjp7InR5cGUiOiJUZXh0In0sImNvbXBhbnlOYW1lIjp7InR5cGUiOiJUZXh0In19LCJlbmVyZ3lVc2VBbmRFZmZpY2llbmN5Ijp7ImRjVm9sdGFnZSI6eyJ0eXBlIjoiVGV4dCJ9LCJwb3dlclJhdGluZyI6eyJ0eXBlIjoiVGV4dCJ9LCJtYXhpbXVtQ3VycmVudCI6eyJ0eXBlIjoiVGV4dCJ9LCJtYXhpbXVtVm9sdGFnZSI6eyJ0eXBlIjoiVGV4dCJ9LCJtYXhpbXVtRWxlY3RyaWNhbFBvd2VyIjp7InR5cGUiOiJUZXh0In0sImNoYXJnZXJUeXBlIjp7InR5cGUiOiJUZXh0In0sImJhdHRlcnlMaWZlIjp7InR5cGUiOiJUZXh0In0sImJhdHRlcnlDaGFyZ2luZ1RpbWUiOnsidHlwZSI6IlRleHQifSwiYmF0dGVyeVR5cGUiOnsidHlwZSI6IlRleHQifX0sInJlY3ljbGFiaWxpdHkiOnsic3Vic3RhbmNlc09mQ29uY2VybiI6eyJ0eXBlIjoiVGV4dCJ9LCJtYXRlcmlhbENvbXBvc2l0aW9uIjp7InR5cGUiOiJUZXh0In0sInJlY3ljbGluZ0luc3RydWN0aW9ucyI6eyJ0eXBlIjoiVGV4dCJ9fSwiY2VydGlmaWNhdGVzIjp7Im5hbWVPZkNlcnRpZmljYXRlIjp7InR5cGUiOiJUZXh0In19LCJjb21wbGlhbmNlQW5kU3RhbmRhcmRzIjp7InJvaHNDb21wbGlhbmNlIjp7InR5cGUiOiJUZXh0In0sImNlTWFya2luZyI6eyJ0eXBlIjoiVGV4dCJ9fSwiZW52aXJvbm1lbnRhbEltcGFjdCI6eyJtaW5pbXVtQ29udGVudE9mTWF0ZXJpYWxXaXRoU3VzdGFpbmFiaWxpdHlDZXJ0aWZpY2F0aW9uIjp7InR5cGUiOiJUZXh0In0sImNsZWFuaW5nUGVyZm9ybWFuY2VBdExvd1RlbXBlcmF0dXJlIjp7InR5cGUiOiJUZXh0In0sImVuZXJneUNvbnN1bXB0aW9uUGVyVW5pdCI6eyJ0eXBlIjoiVGV4dCJ9LCJjbzJlRW1pc3Npb25zUGVyVW5pdCI6eyJ0eXBlIjoiVGV4dCJ9LCJjaGVtaWNhbENvbnN1bXB0aW9uUGVyVW5pdCI6eyJ0eXBlIjoiVGV4dCJ9LCJ3YXRlckNvbnN1bXB0aW9uUGVyVW5pdCI6eyJ0eXBlIjoiVGV4dCJ9fSwicmVwYXJhYmlsaXR5Ijp7ImF2YWlsYWJpbGl0eU9mU3BhcmVQYXJ0cyI6eyJ0eXBlIjoiVGV4dCJ9LCJzZXJ2aWNlQW5kUmVwYWlySW5zdHJ1Y3Rpb25zIjp7InR5cGUiOiJUZXh0In19LCJwcm9kdWN0T3ZlcnZpZXciOnsieWVhck9mU2FsZSI6eyJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwibmV0Q29udGVudEFuZFVuaXRPZk1lYXN1cmUiOnsidmFsdWUiOm51bGwsInR5cGUiOiJUZXh0In0sImNvbnN1bWVyVW5pdCI6eyJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwic2FmZXR5SW5zdHJ1Y3Rpb25zIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJ3YXJyYW50eUR1cmF0aW9uIjp7InVuaXRzIjpudWxsLCJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwidG9ycXVlIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJudW1iZXJPZkdlYXJzIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJtYXhpbXVtRHJpbGxpbmdEaWFtZXRlciI6eyJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwibm9taW5hbE1heGltdW1SUE0iOnsidmFsdWUiOm51bGwsInR5cGUiOiJUZXh0In0sIm5ldENvbnRlbnQiOnsidW5pdHMiOm51bGwsInZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJjb25kaXRpb25PZlRoZVByb2R1Y3QiOnsidmFsdWUiOm51bGwsInR5cGUiOiJUZXh0In0sInRhcmljQ29kZSI6eyJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwibW9kZWxOYW1lIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJkaW1lbnNpb25zIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJjb3VudHJ5T2ZPcmlnaW4iOnsidmFsdWUiOm51bGwsInR5cGUiOiJUZXh0In0sImNvbG9yIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJndGluIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJuZXRXZWlnaHQiOnsidW5pdHMiOm51bGwsInZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJwcm9kdWN0TmFtZSI6eyJ2YWx1ZSI6bnVsbCwidHlwZSI6IlRleHQifSwicHJvZHVjdERlc2NyaXB0aW9uIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJjb3VudHJ5T2ZTYWxlIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJnbG9iYWxQcm9kdWN0Q2xhc3NpZmljYXRpb25Db2RlIjp7InZhbHVlIjpudWxsLCJ0eXBlIjoiVGV4dCJ9LCJwcm9kdWN0SW1hZ2UiOnsidHlwZSI6IlRleHQifSwiYnJhbmROYW1lIjp7InZhbHVlIjoicHJvdmEiLCJ0eXBlIjoiVGV4dCJ9fX0=",
  "eddsa_signature":"wCi4of9f/LzVp882xRtEDkvUPf4BeWfDU+shcAbgMIGJaliEh+TEC3V12ToFD6h3/T8SSEIhn5m6KW7XfxlSDg==",
  "eddsa_public_key":"5yPoEPQQgTnqnGWjJwucZ67bQsoGHh65Nz6Ak2vLoYtc"
}

and you will obtain a *** buffer overflow detected ***: terminated error

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions