sdk: sanitize Hash base58 input
This commit is contained in:
Trent Nelson
committed by
mergify[bot]
mergify[bot]
parent
b09865e5a0
commit
1a20ab968f
@ -6,6 +6,8 @@ use std::{convert::TryFrom, fmt, mem, str::FromStr};
|
|||||||
use thiserror::Error;
|
use thiserror::Error;
|
||||||
|
|
||||||
pub const HASH_BYTES: usize = 32;
|
pub const HASH_BYTES: usize = 32;
|
||||||
|
/// Maximum string length of a base58 encoded hash
|
||||||
|
const MAX_BASE58_LEN: usize = 44;
|
||||||
#[derive(
|
#[derive(
|
||||||
Serialize, Deserialize, Clone, Copy, Default, Eq, PartialEq, Ord, PartialOrd, Hash, AbiExample,
|
Serialize, Deserialize, Clone, Copy, Default, Eq, PartialEq, Ord, PartialOrd, Hash, AbiExample,
|
||||||
)]
|
)]
|
||||||
@ -65,6 +67,9 @@ impl FromStr for Hash {
|
|||||||
type Err = ParseHashError;
|
type Err = ParseHashError;
|
||||||
|
|
||||||
fn from_str(s: &str) -> Result<Self, Self::Err> {
|
fn from_str(s: &str) -> Result<Self, Self::Err> {
|
||||||
|
if s.len() > MAX_BASE58_LEN {
|
||||||
|
return Err(ParseHashError::WrongSize);
|
||||||
|
}
|
||||||
let bytes = bs58::decode(s)
|
let bytes = bs58::decode(s)
|
||||||
.into_vec()
|
.into_vec()
|
||||||
.map_err(|_| ParseHashError::Invalid)?;
|
.map_err(|_| ParseHashError::Invalid)?;
|
||||||
@ -173,6 +178,13 @@ mod tests {
|
|||||||
Err(ParseHashError::WrongSize)
|
Err(ParseHashError::WrongSize)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
let input_too_big = bs58::encode(&[0xffu8; HASH_BYTES + 1]).into_string();
|
||||||
|
assert!(input_too_big.len() > MAX_BASE58_LEN);
|
||||||
|
assert_eq!(
|
||||||
|
input_too_big.parse::<Hash>(),
|
||||||
|
Err(ParseHashError::WrongSize)
|
||||||
|
);
|
||||||
|
|
||||||
let mut hash_base58_str = bs58::encode(hash.0).into_string();
|
let mut hash_base58_str = bs58::encode(hash.0).into_string();
|
||||||
assert_eq!(hash_base58_str.parse::<Hash>(), Ok(hash));
|
assert_eq!(hash_base58_str.parse::<Hash>(), Ok(hash));
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user