Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Field as {u8, u16, ...} can cause security bugs #6219

Open
jewelofchaos9 opened this issue Oct 3, 2024 · 0 comments
Open

Field as {u8, u16, ...} can cause security bugs #6219

jewelofchaos9 opened this issue Oct 3, 2024 · 0 comments

Comments

@jewelofchaos9
Copy link

jewelofchaos9 commented Oct 3, 2024
edited
Loading

Problem

Casting variable from Field to u8, u16, u32 or u64 should throw an error, if variable doesn't fit.

Expected Behavior

Error on casting of unfittable variables (not in 0..255 for u8 as example)

Bug

use dep::std;

fn main(
) {
}

#[test]
fn test_main() {
    assert((0 - 1) as u8 == 0);
    let zero_array: [u8; 32] = [0 as u8; 32];
    let neg_ones_array: [u8; 32] = [(-1) as u8; 32];
    let zero_hash = std::hash::sha256_var(zero_array, 1);
    let neg_ones_hash = std::hash::sha256_var(neg_ones_array, 1);
    assert(zero_hash == neg_ones_hash);

    assert((256) as u8 == 0);
}

Or from awesome-noir example
ships represented as u4 first, then as Field

To Reproduce

  1. Create Noir project for program written in bug section.
  2. Run nargo test

Environment

nargo version = 0.35.0 
noirc version = 0.35.0+2a0d211b92d002fa75855d4ba27267f8892dd52c (git version hash: 2a0d211b92d002fa75855d4ba27267f8892dd52c, is dirty: false)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Noir
Status: 📋 Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jewelofchaos9