psbt: define MaxPsbtKeyLength and check against it when decoding

This commit defines MaxPsbtKeyLength and checks that decoding a
key from a PSBT blob doesn't attempt to allocate too much memory.
This commit is contained in:
nsa 2020-04-08 17:53:06 -04:00
parent 8bf941f570
commit d08f03552c
2 changed files with 9 additions and 0 deletions

View file

@ -33,6 +33,10 @@ var (
//less than 4M.
const MaxPsbtValueLength = 4000000
// MaxPsbtKeyLength is the length of the largest key that we'll successfully
// deserialize from the wire. Anything more will return ErrInvalidKeydata.
const MaxPsbtKeyLength = 10000
var (
// ErrInvalidPsbtFormat is a generic error for any situation in which a

View file

@ -237,6 +237,11 @@ func getKey(r io.Reader) (int, []byte, error) {
return -1, nil, nil
}
// Check that we don't attempt to decode a dangerously large key.
if count > MaxPsbtKeyLength {
return -1, nil, ErrInvalidKeydata
}
// Next, we ready out the designated number of bytes, which may include
// a type, key, and optional data.
keyTypeAndData := make([]byte, count)