chore: add DecoderConfig when decoding candid in canister code

Author: mraszyk

rs/nns/governance/canister/canister.rs

@@ -31,7 +31,7 @@ use ic_nns_common::{
 };
 use ic_nns_constants::LEDGER_CANISTER_ID;
 use ic_nns_governance::{
-    encode_metrics,
+    decoder_config, encode_metrics,
     governance::{
         BitcoinNetwork, BitcoinSetConfigProposal, Environment, Governance, HeapGrowthPotential,
         TimeWarp,
@@ -964,7 +964,7 @@ fn get_effective_payload(mt: NnsFunction, payload: &[u8]) -> Cow<[u8]> {
     match mt {
         NnsFunction::BitcoinSetConfig => {
             // Decode the payload to get the network.
-            let payload = Decode!(payload, BitcoinSetConfigProposal)
+            let payload = Decode!([decoder_config()]; payload, BitcoinSetConfigProposal)
                 .expect("payload must be a valid BitcoinSetConfigProposal.");
 
             // Convert it to a call canister payload.

rs/nns/governance/src/governance.rs

@@ -1,4 +1,5 @@
 use crate::{
+    decoder_config,
     governance::manage_neuron_request::{
         execute_manage_neuron, simulate_manage_neuron, ManageNeuronRequest,
     },
@@ -4688,7 +4689,7 @@ impl Governance {
                     update.payload.len(),
                 )
             } else if update.nns_function == NnsFunction::IcpXdrConversionRate as i32 {
-                match Decode!(&update.payload, UpdateIcpXdrConversionRatePayload) {
+                match Decode!([decoder_config()]; &update.payload, UpdateIcpXdrConversionRatePayload) {
                     Ok(payload) => {
                         if payload.xdr_permyriad_per_icp
                             < self.heap_data
@@ -4711,7 +4712,7 @@ impl Governance {
                     ),
                 }
             } else if update.nns_function == NnsFunction::AssignNoid as i32 {
-                match Decode!(&update.payload, AddNodeOperatorPayload) {
+                match Decode!([decoder_config()]; &update.payload, AddNodeOperatorPayload) {
                     Ok(payload) => match payload.node_provider_principal_id {
                         Some(id) => {
                             let is_registered = self
@@ -4735,7 +4736,7 @@ impl Governance {
                     ),
                 }
             } else if update.nns_function == NnsFunction::AddOrRemoveDataCenters as i32 {
-                match Decode!(&update.payload, AddOrRemoveDataCentersProposalPayload) {
+                match Decode!([decoder_config()]; &update.payload, AddOrRemoveDataCentersProposalPayload) {
                     Ok(payload) => match payload.validate() {
                         Ok(_) => {
                             return Ok(());

rs/nns/governance/src/lib.rs

@@ -124,6 +124,7 @@ use crate::{
     governance::{Governance, TimeWarp},
     pb::v1::{governance::GovernanceCachedMetrics, ProposalStatus},
 };
+use candid::DecoderConfig;
 use mockall::automock;
 use std::{
     collections::{BTreeMap, HashMap},
@@ -160,6 +161,17 @@ mod reward;
 pub mod storage;
 mod subaccount_index;
 
+/// Limit the amount of work for skipping unneeded data on the wire when parsing Candid.
+/// The value of 10_000 follows the Candid recommendation.
+const DEFAULT_SKIPPING_QUOTA: usize = 10_000;
+
+pub fn decoder_config() -> DecoderConfig {
+    let mut config = DecoderConfig::new();
+    config.set_skipping_quota(DEFAULT_SKIPPING_QUOTA);
+    config.set_full_error_message(false);
+    config
+}
+
 #[automock]
 trait Clock {
     fn now(&self) -> u64;

rs/rust_canisters/dfn_candid/src/lib.rs

@@ -1,15 +1,26 @@
 use candid::de::IDLDeserialize;
-use candid::CandidType;
 pub use candid::{
-    decode_args, encode_args, encode_one,
+    decode_args_with_config, encode_args, encode_one,
     utils::{ArgumentDecoder, ArgumentEncoder},
 };
+use candid::{CandidType, DecoderConfig};
 use on_wire::witness;
 use on_wire::{FromWire, IntoWire, NewType};
 use serde::de::DeserializeOwned;
 
 pub struct Candid<T>(pub T);
 
+/// Limit the amount of work for skipping unneeded data on the wire when parsing Candid.
+/// The value of 10_000 follows the Candid recommendation.
+const DEFAULT_SKIPPING_QUOTA: usize = 10_000;
+
+fn decoder_config() -> DecoderConfig {
+    let mut config = DecoderConfig::new();
+    config.set_skipping_quota(DEFAULT_SKIPPING_QUOTA);
+    config.set_full_error_message(false);
+    config
+}
+
 impl<T> NewType for Candid<T> {
     type Inner = T;
     fn from_inner(t: Self::Inner) -> Self {
@@ -28,7 +39,7 @@ impl<Tuple: ArgumentEncoder> IntoWire for Candid<Tuple> {
 
 impl<Tuple: for<'a> ArgumentDecoder<'a>> FromWire for Candid<Tuple> {
     fn from_bytes(bytes: Vec<u8>) -> Result<Self, String> {
-        let res = decode_args(&bytes).map_err(|e| e.to_string())?;
+        let res = decode_args_with_config(&bytes, &decoder_config()).map_err(|e| e.to_string())?;
         Ok(Candid(res))
     }
 }
@@ -53,7 +64,8 @@ impl<T: CandidType> IntoWire for CandidOne<T> {
 
 impl<A1: DeserializeOwned + CandidType> FromWire for CandidOne<A1> {
     fn from_bytes(bytes: Vec<u8>) -> Result<Self, String> {
-        let mut de = IDLDeserialize::new(&bytes[..]).map_err(|e| e.to_string())?;
+        let mut de = IDLDeserialize::new_with_config(&bytes[..], &decoder_config())
+            .map_err(|e| e.to_string())?;
         let res = de.get_value().map_err(|e| e.to_string())?;
         Ok(CandidOne(res))
     }