btcec/signature: fix DoS bug with signature parsing
parent
cff30e1d23
commit
db8e412dc6
2 changed files with 10 additions and 1 deletions
|
@ -112,7 +112,10 @@ func parseSig(sigStr []byte, curve elliptic.Curve, der bool) (*Signature, error)
|
||||||
// length of remaining message
|
// length of remaining message
|
||||||
siglen := sigStr[index]
|
siglen := sigStr[index]
|
||||||
index++
|
index++
|
||||||
if int(siglen+2) > len(sigStr) {
|
|
||||||
|
// siglen should be less than the entire message and greater than
|
||||||
|
// the minimal message of size 8.
|
||||||
|
if int(siglen+2) > len(sigStr) || int(siglen+2) < 8 {
|
||||||
return nil, errors.New("malformed signature: bad length")
|
return nil, errors.New("malformed signature: bad length")
|
||||||
}
|
}
|
||||||
// trim the slice we're working on so we only look at what matters.
|
// trim the slice we're working on so we only look at what matters.
|
||||||
|
|
|
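Review bot: In the rewritten condition, `int(siglen+2)` still adds in byte width, since `siglen` is read straight from `sigStr[index]`, so a length byte of 0xfe or 0xff wraps to 0 or 1 before the conversion to int. The new `< 8` bound does reject those wrapped values, but only as a side effect of the overflow. Writing `int(siglen)+2` in both comparisons would state the intended range directly; it gives a different result for a very long input carrying such a length byte, so confirm that against the rest of the parser before changing it. The added comment says "less than … greater than" while the code accepts equality at both ends; "at most the entire message and at least the minimal message of size 8" would match the check. parseSig begins and ends outside the hunk, so how the trimmed slice is indexed afterwards is not visible here.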
@ -113,6 +113,12 @@ var signatureTests = []signatureTest{
|
||||||
der: true,
|
der: true,
|
||||||
isValid: false,
|
isValid: false,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "invalid message length",
|
||||||
|
sig: []byte{0x30, 0x00, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00},
|
||||||
|
der: false,
|
||||||
|
isValid: false,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "long len",
|
name: "long len",
|
||||||
sig: []byte{0x30, 0x45, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
|
sig: []byte{0x30, 0x45, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
|
||||||
|
|
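Review bot: The added "invalid message length" case exercises only a zero length byte with `der: false`, so nothing pins the top of the byte range, where `siglen+2` wraps, or the `der: true` path through parseSig. Two more entries next to it would cover this: one with the length byte at 0xfe or 0xff, and one repeating the zero-length input with `der: true`. They would keep the lower bound from regressing if the comparison is later rewritten. The signatureTests table starts and ends outside the hunk.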