From b015274e3b39482ea03fcfda6e525b78c7ad996e Mon Sep 17 00:00:00 2001
From: modeco80 <lily.modeco80@protonmail.ch>
Date: Thu, 6 Mar 2025 16:46:09 -0500
Subject: [PATCH] cvm-rs: Fix out of bound element length scanning

Also, add a unit test just to make sure this doesn't happen again.
---
 cvm-rs/src/guac.rs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/cvm-rs/src/guac.rs b/cvm-rs/src/guac.rs
index a83517b..67b6572 100644
--- a/cvm-rs/src/guac.rs
+++ b/cvm-rs/src/guac.rs
@@ -92,6 +92,12 @@ pub fn decode_instruction(element_string: &String) -> DecodeResult<Elements> {
 		// We bound this anyways and do quite the checks, so even though it's not great,
 		// it should be generally fine (TM).
 		loop {
+			// Make sure scanning the element length does not try to 
+			// go out of bounds.
+			if current_position >= chars.len() {
+				return Err(DecodeError::InvalidFormat);
+			}
+
 			let c = chars[current_position];
 
 			if c >= '0' && c <= '9' {
@@ -103,6 +109,7 @@ pub fn decode_instruction(element_string: &String) -> DecodeResult<Elements> {
 
 				return Err(DecodeError::InvalidFormat);
 			}
+
 			current_position += 1;
 		}
 
@@ -189,4 +196,11 @@ mod tests {
 		assert!(res.is_ok());
 		assert_eq!(res.unwrap(), vec);
 	}
+
+	#[test]
+	fn out_of_bounds_element_does_not_panic() {
+		let element_string = "0".into();
+		let res = decode_instruction(&element_string);
+		assert!(res.is_err());
+	}
 }