From ba51aa8934f51825e3336200978837b3660aa4a5 Mon Sep 17 00:00:00 2001 From: "Owain G. Ainsworth" Date: Mon, 24 Jun 2013 18:06:01 +0100 Subject: [PATCH] partially revert afc2e8100a56b0968e2bf77e5d24246bc5cf9a04 Turns out that there are some signatures in the bitcoin blockchain that have trailing 0s, for example 12a1b29fd6c295075b6a66f5fd90f0126ceb1fda4f15e4b44d92518bd52a5cdf has a signature length of 0x45 where there are 0x47 bytes following that length check (one is hashtype and is supposed to be trimmed out prior to calling the function). We relax the paranoid length check to permit traling data, but not to permit buffers that are too short. Change the test to passing with a big comment stating why this is now considered a valid case. --- signature.go | 2 +- signature_test.go | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/signature.go b/signature.go index adcead0f..edbd3232 100644 --- a/signature.go +++ b/signature.go @@ -43,7 +43,7 @@ func ParseSignature(sigStr []byte, curve elliptic.Curve) (*Signature, error) { // length of remaining message siglen := sigStr[index] index++ - if int(siglen+2) != len(sigStr) { + if int(siglen+2) > len(sigStr) { return nil, errors.New("malformed signature: bad length") } // trim the slice we're working on so we only look at what matters. diff --git a/signature_test.go b/signature_test.go index c52b3425..33ff8a4c 100644 --- a/signature_test.go +++ b/signature_test.go @@ -151,7 +151,13 @@ var signatureTests = []signatureTest{ 0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22, 0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09, 0x01, }, - isValid: false, + + // This test is now passing (used to be failing) because there + // are signatures in the blockchain that have trailing zero + // bytes before the hashtype. So ParseSignature was fixed to + // permit buffers with trailing nonsense after the actual + // signature. + isValid: true, }, signatureTest{ name: "X == N ",