test: stackToFlow malformed-stack revert paths (#328) #478

Open

thedavidmeister wants to merge 1 commit into main from 2026-06-14-issue-328

@thedavidmeister

Contributor

What

Completes test coverage for issue #328 (LibFlow.stackToFlow malformed-stack reverts). Prior work already covered the empty / one-sentinel / two-sentinel paths via testStackToFlowRevertsOnEmptyStack, testStackToFlowRevertsOnOneSentinelOnly, testStackToFlowRevertsOnTwoSentinelsOnly in test/src/concrete/Flow.preview.t.sol. This PR adds the two remaining uncovered sub-cases.

TEST-ONLY: no src/ changes.

Already covered (verified, not duplicated)

  • empty stack, one sentinel, two sentinels — existing testStackToFlowRevertsOn* tests.

Added

  • testStackToFlowRevertsOnMalformedTupleCount — a stack whose top section is not a multiple of the ERC20 tuple size (4). consumeSentinelTuples strides 4 * 0x20 bytes from the top, so the misaligned section makes the ERC20 pass bind to the ERC721 sentinel, the ERC721 pass bind to the ERC1155 sentinel, and the ERC1155 pass find no sentinel left. Asserts the exact MissingSentinel(RAIN_FLOW_SENTINEL) revert.
  • testStackToFlowSentinelInsideTupleCorrupts — a RAIN_FLOW_SENTINEL planted in a tuple field (where the ERC20 amount would be). It is matched as the ERC20 boundary, so the genuine ERC20 sentinel is consumed by the ERC721 pass and the genuine ERC20 tuple is misread as an ERC721 tuple whose token is the truncated sentinel. This path does NOT revert; the test pins the full corrupted FlowTransferV1 (erc20.length=0, erc721.length=1 with the planted-sentinel token + shifted fields, erc1155.length=0).

Mutation matrix

Each new test was mutation-validated against the tuple-count / sentinel-position handling in src/lib/LibFlow.sol (mutations reverted after; src/ is clean in this PR).

| Mutation in LibFlow.stackToFlow | RevertsOnMalformedTupleCount | SentinelInsideTupleCorrupts |
| --- | --- | --- |
| ERC20 arity 4 → 3 | FAIL (killed: no longer reverts) | PASS |
| ERC721 arity 4 → 5 | PASS | FAIL (killed: now reverts MissingSentinel) |

Each test is killed by a distinct arity mutation, confirming both are discriminating.

Build / test

  • forge build: clean.
  • forge test --match-contract FlowPreviewTest: 13 passed, 0 failed (11 pre-existing + 2 new).

Pre-existing reds on main (NOT introduced here)

  • rainix-sol-static (slither) is red on main; PR #476 ("fix: remove redundant statement flagged by slither (unblocks rainix-sol-static)") fixes it (unmerged).
  • forge test on main also has one pre-existing fuzz red, testFlowBasicValidateMultipleSignedContexts in test/src/concrete/Flow.signedContext.t.sol ("next call did not revert as expected", deterministic under the fixed 0xdeadbeef seed). Confirmed to fail on a clean 772e568b checkout with this branch's change stashed, so it is unrelated to and untouched by these test additions. No issue currently tracks it.

Closes #328

🤖 Generated with Claude Code

Cover the two remaining uncovered stackToFlow malformed-stack
sub-cases for issue #328: a non-sentinel-aligned tuple count
(reverts MissingSentinel) and a sentinel planted inside a tuple
field (silently shifts and corrupts the parsed sections).

Closes #328

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
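
A simplified Python model of the sentinel scan that the PR description above walks through, added here as an illustration; it is not LibFlow's code and not part of this PR. The sentinel value, the word layout (index 0 is the stack bottom, the ERC20 amount is the top word), the ERC721 and ERC1155 arities (4 and 5) and every function name are assumptions of the model.

```python
SENTINEL = (0xF << 252) | 0xC0FFEE  # constructed stand-in, NOT the real RAIN_FLOW_SENTINEL
ADDR_MASK = (1 << 160) - 1          # token fields keep only the low 160 bits

class MissingSentinel(Exception):
    """Models the MissingSentinel revert."""

def consume_sentinel_tuples(stack, top, n):
    """Scan down from the top word in strides of n words until SENTINEL is hit.
    Returns (index of the matched sentinel, n-word tuples found above it)."""
    i = top - 1
    while i >= 0:
        if stack[i] == SENTINEL:
            words = stack[i + 1:top]
            return i, [tuple(words[j:j + n]) for j in range(0, len(words), n)]
        i -= n  # only every n-th word is ever compared with the sentinel
    raise MissingSentinel(hex(SENTINEL))

def stack_to_flow(stack):
    """Three passes from the top. Arities 4/4/5 are assumed for this model."""
    flow, top = {}, len(stack)
    for name, arity in (("erc20", 4), ("erc721", 4), ("erc1155", 5)):
        top, tuples = consume_sentinel_tuples(stack, top, arity)
        # first field of each tuple is the token, truncated to an address
        flow[name] = [(t[0] & ADDR_MASK,) + t[1:] for t in tuples]
    return flow

def outcome(stack):
    """Parsed flow, or the string 'MissingSentinel' when the parse reverts."""
    try:
        return stack_to_flow(stack)
    except MissingSentinel:
        return "MissingSentinel"

# Constructed stacks, bottom word first. Section order from the bottom:
# sentinel, ERC1155 tuples, sentinel, ERC721 tuples, sentinel, ERC20 tuples.
S, TOKEN, ALICE, BOB = SENTINEL, 0xA1, 0xB2, 0xC3
WELL_FORMED = [S, S, S, TOKEN, ALICE, BOB, 100]  # one ERC20 transfer
MISALIGNED = [S, S, S, TOKEN, ALICE, BOB]        # top section of 3 words, not 4
PLANTED = [S, S, S, TOKEN, ALICE, BOB, S]        # sentinel in the amount slot

if __name__ == "__main__":
    for label, stack in (("well-formed", WELL_FORMED),
                         ("misaligned", MISALIGNED), ("planted", PLANTED)):
        print(label, outcome(stack))
```

In the model's misaligned run the ERC20 pass never compares its own sentinel, because that word is off the 4-word stride. The planted run completes without an error, which is why the PR pins the whole parsed result rather than a revert.
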
thedavidmeister self-assigned this Jun 15, 2026

coderabbitai Bot commented Jun 15, 2026

Warning

Review limit reached

@thedavidmeister, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 8 minutes and 20 seconds. Learn how PR review limits work.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 517b856a-8a1c-4626-9605-19f38be5b7c2

📥 Commits

Reviewing files that changed from the base of the PR and between 772e568 and 12e8f0e.

📒 Files selected for processing (1)
  • test/src/concrete/Flow.preview.t.sol

Development

Successfully merging this pull request may close these issues.

[A23-1] [HIGH] LibFlow.stackToFlow: malformed-stack revert paths uncovered