grassrootseconomics
/
openethereum
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #6227 from paritytech/rlp-check 

Untrusted RLP length overflow check
This commit is contained in:
Robert Habermeier 2017-08-03 21:20:38 +02:00 committed by GitHub
parent 0c7c34e609 d30e47a50e
commit ae9f35668e
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
util/rlp/src/error.rs
View File

@ -30,6 +30,8 @@ pub enum DecoderError {
RlpInvalidIndirection,
/// Declared length is inconsistent with data specified after.
RlpInconsistentLengthAndData,
/// Declared length is invalid and results in overflow
RlpInvalidLength,
/// Custom rlp decoding error.
Custom(&'static str),
}

13
util/rlp/src/untrusted_rlp.rs
View File

@ -371,7 +371,8 @@ impl<'a> BasicDecoder<'a> {
}
let len = decode_usize(&bytes[1..begin_of_value])?;
let last_index_of_value = begin_of_value + len;
let last_index_of_value = begin_of_value.checked_add(len)
.ok_or(DecoderError::RlpInvalidLength)?;
if bytes.len() < last_index_of_value {
return Err(DecoderError::RlpInconsistentLengthAndData);
}
@ -385,7 +386,7 @@ impl<'a> BasicDecoder<'a> {
#[cfg(test)]
mod tests {
use UntrustedRlp;
use {UntrustedRlp, DecoderError};
#[test]
fn test_rlp_display() {
@ -394,4 +395,12 @@ mod tests {
let rlp = UntrustedRlp::new(&data);
assert_eq!(format!("{}", rlp), "[\"0x05\", \"0x010efbef67941f79b2\", \"0x56e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421\", \"0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470\"]");
}
#[test]
fn length_overflow() {
let bs = [0xbf, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xe5];
let rlp = UntrustedRlp::new(&bs);
let res: Result<u8, DecoderError> = rlp.as_val();
assert_eq!(Err(DecoderError::RlpInvalidLength), res);
}
}