psbt: return ErrInvalidKeydata if value isn't a 32-bit uint
This commit fixes a panic when deserializing PSBTs in raw binary. If the key type was SighashType and the value was not 4 bytes long, the call to binary.LittleEndian.Uint32(value) would panic as the function expects 4 bytes to parse into a uint32. We now perform a sanity check that asserts that the value is 4 bytes long.
This commit is contained in:
parent
d08f03552c
commit
f06d6af2f0
1 changed files with 6 additions and 0 deletions
|
@ -141,6 +141,12 @@ func (pi *PInput) deserialize(r io.Reader) error {
|
||||||
return ErrInvalidKeydata
|
return ErrInvalidKeydata
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Bounds check on value here since the sighash type must be a
|
||||||
|
// 32-bit unsigned integer.
|
||||||
|
if len(value) != 4 {
|
||||||
|
return ErrInvalidKeydata
|
||||||
|
}
|
||||||
|
|
||||||
shtype := txscript.SigHashType(
|
shtype := txscript.SigHashType(
|
||||||
binary.LittleEndian.Uint32(value),
|
binary.LittleEndian.Uint32(value),
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue