Fix parseStructTag to reject malformed inputs#898
Open
Danny-Devs wants to merge 1 commit intoMystenLabs:mainfrom
Open
Fix parseStructTag to reject malformed inputs#898Danny-Devs wants to merge 1 commit intoMystenLabs:mainfrom
Danny-Devs wants to merge 1 commit intoMystenLabs:mainfrom
Conversation
parseStructTag silently accepted inputs with empty components (e.g. ::foo::Bar, where the empty address normalized to 0x0) and inputs with trailing content after type parameters (e.g. Coin<u8>GARBAGE). Add validation for non-empty address/module/name and verify type parameter brackets end the string. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
parseStructTagsilently accepted inputs with empty components (e.g.::foo::Bar, where the empty address normalized to0x0) and inputs with trailing content after type parameters (e.g.Coin<u8>GARBAGE). Both cases produced structurally incorrectStructTagobjects without raising an error.This adds two validation guards:
Empty component rejection: After splitting on
::, validate thataddressandmoduleare non-empty strings. Previously,::foo::Barwould silently have its empty address padded to0x0bynormalizeSuiAddress("").Trailing content rejection: After extracting
name, validate that if type parameters exist (<...>), the string ends with>. Previously,Coin<u8>GARBAGEwould silently drop the trailing content.Both throw
Error('Invalid struct tag: ${type}'), consistent with the existing error for inputs with fewer than 3::segments.Test plan
Added 6 test cases to
test/unit/types/common.test.ts:Empty component rejection:
::foo::Bar— empty address0x2::::Bar— empty module0x2::foo::— empty nameTrailing content rejection:
0x2::coin::Coin<u8>GARBAGE— trailing characters0x2::foo::Bar<bool>— trailing space0x2::foo::Bar<u64>xyz— trailing alphanumericAll 290 unit tests pass. Full e2e suite (722 tests) verified against local Sui network via Testcontainers — zero regressions.