Merge branch 'main' into codex/update-bitvectordata-from_bytes-validation

somethingelseentirely · web-flow · commit bdcbbb160131 · 2025-09-26T20:48:48.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## Unreleased
 - Added metadata validation in `BitVectorData::from_bytes` to reject lengths
   exceeding the stored capacity and covered the case with a regression test.
+- Guarded `CompactVector::from_bytes` against metadata bit-length overflow.
 - Removed the `anyhow` dependency in favor of crate-defined errors and updated
   `Serializable` to expose an associated error type for reconstruction.
 - Prevent panic in `DacsByte::len` by handling empty level lists gracefully.
diff --git a/src/int_vectors/compact_vector.rs b/src/int_vectors/compact_vector.rs
@@ -458,7 +458,10 @@ impl Serializable for CompactVector {
     }
 
     fn from_bytes(meta: Self::Meta, bytes: Bytes) -> Result<Self> {
-        let data_len = meta.len * meta.width;
+        let data_len = meta
+            .len
+            .checked_mul(meta.width)
+            .ok_or_else(|| Error::invalid_metadata("len * width overflowed"))?;
         let data = BitVectorData::from_bytes(
             BitVectorDataMeta {
                 len: data_len,
@@ -710,4 +713,16 @@ mod tests {
         let other = CompactVector::from_bytes(meta, bytes).unwrap();
         assert_eq!(cv, other);
     }
+
+    #[test]
+    fn from_bytes_rejects_overflowing_metadata() {
+        let cv = CompactVector::from_slice(&[1]).unwrap();
+        let mut meta = cv.metadata();
+        meta.len = usize::MAX;
+        meta.width = 2;
+        let bytes = cv.chunks.data.words.clone().bytes();
+
+        let err = CompactVector::from_bytes(meta, bytes).unwrap_err();
+        assert!(matches!(err, Error::InvalidMetadata(_)));
+    }
 }
