Fix unaligned read of short_vec pubkey_size in sigverify

[ryoqun]

(This is split from #6236 as requested by @sakridge !)

Problem

sigverify's deserialization is wrong in a corner case; most of time it works as intended.

In short, this old code incorrectly reads bytes serialized from MessageHeader (three of u8s) as the length (ShortU16) of short_vec. (Moderate pun intended... :).

So, if MessageHeader.required_num_sigs are above 0x7f (according to the comment of Short16), pubkey_size will be 2 and subsequent offset calculation gets bogus, resulting in false negative results of sigverify. This have been working because most of time MessageHeader.required_num_sigs is very small compared to the 0x7f.

From https://github.com/solana-labs/solana/pull/6236/files#r333704395

Solution

Shift the offset correctly, taking size_of MessageHeader into account.

[codecov]

Codecov Report

Merging #6388 into master will increase coverage by 4.7%.
The diff coverage is 96.4%.

@@           Coverage Diff            @@
##           master   #6388     +/-   ##
========================================
+ Coverage    72.7%   77.4%   +4.7%     
========================================
  Files         219     209     -10     
  Lines       45244   40004   -5240     
========================================
- Hits        32901   30972   -1929     
+ Misses      12343    9032   -3311

[CriesofCarrots]

One nit, but lgtm

[CriesofCarrots]

Don't need this cast

[ryoqun]

nice nits! 082fd71

Pull request has been modified.

[ryoqun]

One nit, but lgtm

yay!

[mvines]

@ryoqun thanks!

[sakridge]

Yes looks good. Thanks for splitting it out into this commit, it was much easier to understand the change.