SDK: Sanitize base58 signature input
This commit is contained in:
		
				
					committed by
					
						![mergify[bot]](/avatar/e3df20cd7a67969c41a65f03bea54961?size=40) mergify[bot]
						mergify[bot]
					
				
			
			
				
	
			
			
			
						parent
						
							250b3969d4
						
					
				
				
					commit
					2783aee483
				
			| @@ -58,6 +58,11 @@ impl Keypair { | |||||||
|     } |     } | ||||||
| } | } | ||||||
|  |  | ||||||
|  | /// Number of bytes in a signature | ||||||
|  | pub const SIGNATURE_BYTES: usize = 64; | ||||||
|  | /// Maximum string length of a base58 encoded signature | ||||||
|  | const MAX_BASE58_SIGNATURE_LEN: usize = 88; | ||||||
|  |  | ||||||
| #[repr(transparent)] | #[repr(transparent)] | ||||||
| #[derive( | #[derive( | ||||||
|     Serialize, Deserialize, Clone, Copy, Default, Eq, PartialEq, Ord, PartialOrd, Hash, AbiExample, |     Serialize, Deserialize, Clone, Copy, Default, Eq, PartialEq, Ord, PartialOrd, Hash, AbiExample, | ||||||
| @@ -138,6 +143,9 @@ impl FromStr for Signature { | |||||||
|     type Err = ParseSignatureError; |     type Err = ParseSignatureError; | ||||||
|  |  | ||||||
|     fn from_str(s: &str) -> Result<Self, Self::Err> { |     fn from_str(s: &str) -> Result<Self, Self::Err> { | ||||||
|  |         if s.len() > MAX_BASE58_SIGNATURE_LEN { | ||||||
|  |             return Err(ParseSignatureError::WrongSize); | ||||||
|  |         } | ||||||
|         let bytes = bs58::decode(s) |         let bytes = bs58::decode(s) | ||||||
|             .into_vec() |             .into_vec() | ||||||
|             .map_err(|_| ParseSignatureError::Invalid)?; |             .map_err(|_| ParseSignatureError::Invalid)?; | ||||||
| @@ -521,6 +529,16 @@ mod tests { | |||||||
|             signature_base58_str.parse::<Signature>(), |             signature_base58_str.parse::<Signature>(), | ||||||
|             Err(ParseSignatureError::Invalid) |             Err(ParseSignatureError::Invalid) | ||||||
|         ); |         ); | ||||||
|  |  | ||||||
|  |         // too long input string | ||||||
|  |         // longest valid encoding | ||||||
|  |         let mut too_long = bs58::encode(&[255u8; SIGNATURE_BYTES]).into_string(); | ||||||
|  |         // and one to grow on | ||||||
|  |         too_long.push('1'); | ||||||
|  |         assert_eq!( | ||||||
|  |             too_long.parse::<Signature>(), | ||||||
|  |             Err(ParseSignatureError::WrongSize) | ||||||
|  |         ); | ||||||
|     } |     } | ||||||
|  |  | ||||||
|     #[test] |     #[test] | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user