aboutsummaryrefslogtreecommitdiffstats
path: root/rlp
diff options
context:
space:
mode:
authorobscuren <geffobscura@gmail.com>2015-04-05 03:29:23 +0800
committerobscuren <geffobscura@gmail.com>2015-04-05 03:29:23 +0800
commit59597d23a5ee268c66df96b930f651256661b8c5 (patch)
tree33939393d79fe13929bedd38e2221d30defbd62c /rlp
parentc39484bc4b099881c3aa164d33b5ba95c55f36fa (diff)
downloaddexon-59597d23a5ee268c66df96b930f651256661b8c5.tar
dexon-59597d23a5ee268c66df96b930f651256661b8c5.tar.gz
dexon-59597d23a5ee268c66df96b930f651256661b8c5.tar.bz2
dexon-59597d23a5ee268c66df96b930f651256661b8c5.tar.lz
dexon-59597d23a5ee268c66df96b930f651256661b8c5.tar.xz
dexon-59597d23a5ee268c66df96b930f651256661b8c5.tar.zst
dexon-59597d23a5ee268c66df96b930f651256661b8c5.zip
Reject integers w/ appended zero's
Diffstat (limited to 'rlp')
-rw-r--r--rlp/decode.go9
-rw-r--r--rlp/decode_test.go1
2 files changed, 10 insertions, 0 deletions
diff --git a/rlp/decode.go b/rlp/decode.go
index 0fde0a947..3b5617475 100644
--- a/rlp/decode.go
+++ b/rlp/decode.go
@@ -99,6 +99,8 @@ func (err *decodeError) Error() string {
func wrapStreamError(err error, typ reflect.Type) error {
switch err {
+ case ErrCanonInt:
+ return &decodeError{msg: "canon int error appends zero's", typ: typ}
case ErrExpectedList:
return &decodeError{msg: "expected input list", typ: typ}
case ErrExpectedString:
@@ -184,6 +186,12 @@ func decodeBigInt(s *Stream, val reflect.Value) error {
i = new(big.Int)
val.Set(reflect.ValueOf(i))
}
+
+ // Reject big integers which are zero appended
+ if len(b) > 0 && b[0] == 0 {
+ return wrapStreamError(ErrCanonInt, val.Type())
+ }
+
i.SetBytes(b)
return nil
}
@@ -460,6 +468,7 @@ var (
// Other errors
ErrExpectedString = errors.New("rlp: expected String or Byte")
ErrExpectedList = errors.New("rlp: expected List")
+ ErrCanonInt = errors.New("rlp: expected Int")
ErrElemTooLarge = errors.New("rlp: element is larger than containing list")
// internal errors
diff --git a/rlp/decode_test.go b/rlp/decode_test.go
index a18ff1d08..73a31c67f 100644
--- a/rlp/decode_test.go
+++ b/rlp/decode_test.go
@@ -312,6 +312,7 @@ var decodeTests = []decodeTest{
// big ints
{input: "01", ptr: new(*big.Int), value: big.NewInt(1)},
{input: "89FFFFFFFFFFFFFFFFFF", ptr: new(*big.Int), value: veryBigInt},
+ {input: "820001", ptr: new(big.Int), error: "rlp: canon int error appends zero's for *big.Int"},
{input: "10", ptr: new(big.Int), value: *big.NewInt(16)}, // non-pointer also works
{input: "C0", ptr: new(*big.Int), error: "rlp: expected input string or byte for *big.Int"},