LaconicNetwork/cosmos-sdk
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

refactor(x/tx/decode): bulletproof against protowire.ConsumeTag potential varint overflows (#18611)

Browse Source
This commit is contained in:
Emmanuel T Odeke 2023-12-02 06:11:33 -08:00 committed by GitHub
parent 9d086f82f9
commit f23d5c4d22
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
x/tx/decode/adr027.go
View File

@ -24,6 +24,14 @@ func rejectNonADR027TxRaw(txBytes []byte) error {
if m < 0 {
return fmt.Errorf("invalid length; %w", protowire.ParseError(m))
}
// Paranoia from possible varint decoding which can trivially
// be wrong due to the precarious nature of the format being tricked:
// https://cyber.orijtech.com/advisory/varint-decode-limitless
if m > len(txBytes) {
return fmt.Errorf("invalid length from decoding (%d) > len(txBytes) (%d)", m, len(txBytes))
}
// TxRaw only has bytes fields.
if wireType != protowire.BytesType {
return fmt.Errorf("expected %d wire type, got %d", protowire.BytesType, wireType)