json unmarshaller accepts (and overflows) oversized decimal input

```go
package main

import (
    "github.com/holiman/uint256"
    "encoding/json"
    "fmt"
)

func main() {
    var v1, v2 uint256.Int

    // As hex
    if err := json.Unmarshal([]byte("\"0x10000000000000000000000000000000000000000000000000000000000000001\""), &v1); err != nil {
        fmt.Println(err)
    }

    // As decimal
    if err := json.Unmarshal([]byte("115792089237316195423570985008687907853269984665640564039457584007913129639937"), &v2); err != nil {
        return
    }
    fmt.Println("As string:", v2.String()) // Prints 1
}
```

The decimal number being deserialized here is 2**256+1, which exceeds the width of `uint256.Int`. Ideally `json.Unmarshal` should return an error for any oversized input but instead it appears to overflow the number.

The same value as a hex value is correctly rejected.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

json unmarshaller accepts (and overflows) oversized decimal input #184

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

json unmarshaller accepts (and overflows) oversized decimal input #184

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions