Overflow detection, span-based signatures, flatten control flow

firmware/include/wire.h

@@ -109,7 +109,7 @@ static constexpr size_t envelope_hdr_len =
 static constexpr size_t response_prefix_len = envelope_hdr_len + ext16_header_len;
 
 template <typename T>
-inline size_t encode_response_into(span_writer &out, uint32_t message_id, const T &msg) {
+inline msgpack::result<size_t> encode_response_into(span_writer &out, uint32_t message_id, const T &msg) {
     auto body = out.subspan(response_prefix_len);
     msgpack::packer body_p(body);
     body_p.pack(msg.as_tuple());
@@ -129,6 +129,8 @@ inline size_t encode_response_into(span_writer &out, uint32_t message_id, const
     hdr.pack_uint32_fixed(checksum);
     hdr.pack_bin16_header(static_cast<uint16_t>(bin_len));
 
+    if (body.overflow() || inner_ext.overflow() || env_hdr.overflow())
+        return std::unexpected(msgpack::error_code::overflow);
     return response_prefix_len + body.size();
 }
 
@@ -176,6 +178,3 @@ inline msgpack::result<T> decode_response(const uint8_t *data, size_t len) {
     return out;
 }
 
-inline size_t encode_request_into(span_writer &out, uint32_t message_id, const auto &msg) {
-    return encode_response_into(out, message_id, msg);
-}