Skip to content

comptime slice oob check is off-by-one #4697

New issue
New issue
Open
Open
comptime slice oob check is off-by-one#4697
Labels
needs triageneeds triage
@cyberthirst

Description

@cyberthirst
cyberthirst
opened on Jun 15, 2025

Version Information

  • vyper Version (output of vyper --version): 14a4ca6

What's your issue about?

Per @trocher:

In Slice.fetch_call_return, the following bounds check contains an off-by-one error that makes it
less precise than it could be:

if start_literal is not None:
    if start_literal > arg_type.length:
        raise ArgumentException(f"slice out of bounds for {arg_type}", start_expr)
    if length_literal is not None and start_literal + length_literal > arg_type.length:
        raise ArgumentException(f"slice out of bounds for {arg_type}", node)

The condition start_literal > arg_type.length could be made more precise by checking
start_literal >= arg_type.length instead. This is because a slice is out of bounds when the
start index is equal to the length of the array, not just when it exceeds the length.

Metadata

Metadata

Assignees

No one assigned

    Labels

    needs triageneeds triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions