[Crash/Fuzzing] TypeError in ssz library during BeaconBlock deserialize

[pventuzelo]

Describe the bug

During fuzzing with beaconfuzz, I found this TypeError crash inside ssz library when trying to deserialize a beaconblock.

Expected behavior

Should throw a custom Error.

Steps to Reproduce

crash_TypeError_block_lodestar.js:

var mainnet_1 = require("@chainsafe/lodestar-types/lib/ssz/presets/mainnet");

buf = Buffer.from('0100000000000000ae000000000000000a0a0a0a2a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a000000000000000000000000000000000000000000000000000000000000000054000000b69753a1c80a81b630fedc668c19ac093cbcc44fe1e294ff7164de52ef0f109a602b7065cb7b21f14a65cbcbbd4455960cef385d552e393e2d47b340cab50291ce81256c1b8239d6ebc1ab84ae2410f6b9fb3dc989e15a9fe9a4431393e1da5d0000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000dc000000dc000000dc000000dc00ddff', 'hex')

mainnet_1.types.BeaconBlock.deserialize(buf);

Run:

$ npm i @chainsafe/lodestar-types

$ node crash_TypeError_block_lodestar.js
XXX/lodestar/node_modules/@chainsafe/ssz/lib/types/basic/uint.js:176
      output += BigInt(data[offset + i]) << BigInt(8 * i);
                ^

TypeError: Cannot convert undefined to a BigInt
    at BigInt (<anonymous>)
    at BigIntUintType.fromBytes (XXX/lodestar/node_modules/@chainsafe/ssz/lib/types/basic/uint.js:176:17)
    at XXX/lodestar/node_modules/@chainsafe/ssz/lib/backings/structural/container.js:133:40
    at Array.forEach (<anonymous>)
    at ContainerStructuralHandler.fromBytes (XXX/lodestar/node_modules/@chainsafe/ssz/lib/backings/structural/container.js:112:39)
    at XXX/lodestar/node_modules/@chainsafe/ssz/lib/backings/structural/container.js:135:51
    at Array.forEach (<anonymous>)
    at ContainerStructuralHandler.fromBytes (XXX/lodestar/node_modules/@chainsafe/ssz/lib/backings/structural/container.js:112:39)
    at XXX/lodestar/node_modules/@chainsafe/ssz/lib/backings/structural/array.js:209:54
    at Function.from (<anonymous>)

Desktop (please complete the following information):

• OS: Ubuntu 18.04
• @chainsafe/lodestar-types: 0.8.0
• node -v: v12.9.1

[pventuzelo]

Extra information (zcli output):

$ zcli pretty block crash.bin
cannot load input
cannot decode ssz: cannot create scoped decoding reader, scope of 4292673536 bytes is bigger than parent scope has available space 0