@solana/web3.js 1.50.1 → 1.50.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solana/web3.js",
-  "version": "1.50.1",
+  "version": "1.50.2",
   "description": "Solana Javascript API",
   "keywords": [
     "api",
@@ -36,26 +36,6 @@
     "/lib",
     "/src"
   ],
-  "scripts": {
-    "build": "npm run clean; cross-env NODE_ENV=production rollup -c; npm run type:gen",
-    "build:fixtures": "set -ex; ./test/fixtures/noop-program/build.sh",
-    "clean": "rimraf ./coverage ./lib",
-    "codecov": "set -ex; npm run test:cover; cat ./coverage/lcov.info | codecov",
-    "dev": "cross-env NODE_ENV=development rollup -c",
-    "doc": "set -ex; typedoc --treatWarningsAsErrors",
-    "type:gen": "./scripts/typegen.sh",
-    "lint": "set -ex; npm run pretty; eslint . --ext .js,.ts",
-    "lint:fix": "npm run pretty:fix && eslint . --fix --ext .js,.ts",
-    "type:check": "tsc -p tsconfig.json --noEmit",
-    "ok": "run-s lint test doc type:check",
-    "pretty": "prettier --check '{,{src,test}/**/}*.{j,t}s'",
-    "pretty:fix": "prettier --write '{,{src,test}/**/}*.{j,t}s'",
-    "re": "semantic-release --repository-url git@github.com:solana-labs/solana-web3.js.git",
-    "test": "cross-env TS_NODE_COMPILER_OPTIONS='{ \"module\": \"commonjs\", \"target\": \"es2019\" }' ts-mocha --require esm './test/**/*.test.ts'",
-    "test:cover": "nyc --reporter=lcov npm run test",
-    "test:live": "TEST_LIVE=1 npm run test",
-    "test:live-with-test-validator": "start-server-and-test 'solana-test-validator --reset --quiet' http://localhost:8899/health test:live"
-  },
   "dependencies": {
     "@babel/runtime": "^7.12.5",
     "@ethersproject/sha2": "^5.5.0",
@@ -140,5 +120,25 @@
   },
   "engines": {
     "node": ">=12.20.0"
+  },
+  "scripts": {
+    "build": "npm run clean; cross-env NODE_ENV=production rollup -c; npm run type:gen",
+    "build:fixtures": "set -ex; ./test/fixtures/noop-program/build.sh",
+    "clean": "rimraf ./coverage ./lib",
+    "codecov": "set -ex; npm run test:cover; cat ./coverage/lcov.info | codecov",
+    "dev": "cross-env NODE_ENV=development rollup -c",
+    "doc": "set -ex; typedoc --treatWarningsAsErrors",
+    "type:gen": "./scripts/typegen.sh",
+    "lint": "set -ex; npm run pretty; eslint . --ext .js,.ts",
+    "lint:fix": "npm run pretty:fix && eslint . --fix --ext .js,.ts",
+    "type:check": "tsc -p tsconfig.json --noEmit",
+    "ok": "run-s lint test doc type:check",
+    "pretty": "prettier --check '{,{src,test}/**/}*.{j,t}s'",
+    "pretty:fix": "prettier --write '{,{src,test}/**/}*.{j,t}s'",
+    "re": "semantic-release --repository-url git@github.com:solana-labs/solana-web3.js.git",
+    "test": "cross-env TS_NODE_COMPILER_OPTIONS='{ \"module\": \"commonjs\", \"target\": \"es2019\" }' ts-mocha --require esm './test/**/*.test.ts'",
+    "test:cover": "nyc --reporter=lcov npm run test",
+    "test:live": "TEST_LIVE=1 npm run test",
+    "test:live-with-test-validator": "start-server-and-test 'solana-test-validator --reset --quiet' http://localhost:8899/health test:live"
   }
-}
+}

package/src/message.ts

@@ -8,6 +8,7 @@ import * as Layout from './layout';
 import {PACKET_DATA_SIZE} from './transaction-constants';
 import * as shortvec from './util/shortvec-encoding';
 import {toBuffer} from './util/to-buffer';
+import {guardedShift, guardedSplice} from './util/guarded-array-utils';
 
 /**
  * The message header, identifying signed and read-only account
@@ -222,32 +223,28 @@ export class Message {
     // Slice up wire data
     let byteArray = [...buffer];
 
-    const numRequiredSignatures = byteArray.shift() as number;
-    const numReadonlySignedAccounts = byteArray.shift() as number;
-    const numReadonlyUnsignedAccounts = byteArray.shift() as number;
+    const numRequiredSignatures = guardedShift(byteArray);
+    const numReadonlySignedAccounts = guardedShift(byteArray);
+    const numReadonlyUnsignedAccounts = guardedShift(byteArray);
 
     const accountCount = shortvec.decodeLength(byteArray);
     let accountKeys = [];
     for (let i = 0; i < accountCount; i++) {
-      const account = byteArray.slice(0, PUBKEY_LENGTH);
-      byteArray = byteArray.slice(PUBKEY_LENGTH);
+      const account = guardedSplice(byteArray, 0, PUBKEY_LENGTH);
       accountKeys.push(bs58.encode(Buffer.from(account)));
     }
 
-    const recentBlockhash = byteArray.slice(0, PUBKEY_LENGTH);
-    byteArray = byteArray.slice(PUBKEY_LENGTH);
+    const recentBlockhash = guardedSplice(byteArray, 0, PUBKEY_LENGTH);
 
     const instructionCount = shortvec.decodeLength(byteArray);
     let instructions: CompiledInstruction[] = [];
     for (let i = 0; i < instructionCount; i++) {
-      const programIdIndex = byteArray.shift() as number;
+      const programIdIndex = guardedShift(byteArray);
       const accountCount = shortvec.decodeLength(byteArray);
-      const accounts = byteArray.slice(0, accountCount);
-      byteArray = byteArray.slice(accountCount);
+      const accounts = guardedSplice(byteArray, 0, accountCount);
       const dataLength = shortvec.decodeLength(byteArray);
-      const dataSlice = byteArray.slice(0, dataLength);
+      const dataSlice = guardedSplice(byteArray, 0, dataLength);
       const data = bs58.encode(Buffer.from(dataSlice));
-      byteArray = byteArray.slice(dataLength);
       instructions.push({
         programIdIndex,
         accounts,

package/src/transaction.ts

@@ -15,6 +15,7 @@ import invariant from './util/assert';
 import type {Signer} from './keypair';
 import type {Blockhash} from './blockhash';
 import type {CompiledInstruction} from './message';
+import {guardedSplice} from './util/guarded-array-utils';
 
 /**
  * Transaction signature as base-58 encoded string
@@ -808,8 +809,7 @@ export class Transaction {
     const signatureCount = shortvec.decodeLength(byteArray);
     let signatures = [];
     for (let i = 0; i < signatureCount; i++) {
-      const signature = byteArray.slice(0, SIGNATURE_LENGTH_IN_BYTES);
-      byteArray = byteArray.slice(SIGNATURE_LENGTH_IN_BYTES);
+      const signature = guardedSplice(byteArray, 0, SIGNATURE_LENGTH_IN_BYTES);
       signatures.push(bs58.encode(Buffer.from(signature)));
     }
 

package/src/util/guarded-array-utils.ts

@@ -0,0 +1,34 @@
+const END_OF_BUFFER_ERROR_MESSAGE = 'Reached end of buffer unexpectedly';
+
+/**
+ * Delegates to `Array#shift`, but throws if the array is zero-length.
+ */
+export function guardedShift<T>(byteArray: T[]): T {
+  if (byteArray.length === 0) {
+    throw new Error(END_OF_BUFFER_ERROR_MESSAGE);
+  }
+  return byteArray.shift() as T;
+}
+
+/**
+ * Delegates to `Array#splice`, but throws if the section being spliced out extends past the end of
+ * the array.
+ */
+export function guardedSplice<T>(
+  byteArray: T[],
+  ...args:
+    | [start: number, deleteCount?: number]
+    | [start: number, deleteCount: number, ...items: T[]]
+): T[] {
+  const [start] = args;
+  if (
+    args.length === 2 // Implies that `deleteCount` was supplied
+      ? start + (args[1] ?? 0) > byteArray.length
+      : start >= byteArray.length
+  ) {
+    throw new Error(END_OF_BUFFER_ERROR_MESSAGE);
+  }
+  return byteArray.splice(
+    ...(args as Parameters<typeof Array.prototype.splice>),
+  );
+}

package/src/validator-info.ts

@@ -9,6 +9,7 @@ import {
 import * as Layout from './layout';
 import * as shortvec from './util/shortvec-encoding';
 import {PublicKey} from './publickey';
+import {guardedShift, guardedSplice} from './util/guarded-array-utils';
 
 export const VALIDATOR_INFO_KEY = new PublicKey(
   'Va1idator1nfo111111111111111111111111111111',
@@ -85,10 +86,10 @@ export class ValidatorInfo {
 
     const configKeys: Array<ConfigKey> = [];
     for (let i = 0; i < 2; i++) {
-      const publicKey = new PublicKey(byteArray.slice(0, PUBKEY_LENGTH));
-      byteArray = byteArray.slice(PUBKEY_LENGTH);
-      const isSigner = byteArray.slice(0, 1)[0] === 1;
-      byteArray = byteArray.slice(1);
+      const publicKey = new PublicKey(
+        guardedSplice(byteArray, 0, PUBKEY_LENGTH),
+      );
+      const isSigner = guardedShift(byteArray) === 1;
       configKeys.push({publicKey, isSigner});
     }