From f3b7dcc5bdd5b2b02e12133a0d8e16a75844f766 Mon Sep 17 00:00:00 2001 From: Felix Lange Date: Wed, 22 Feb 2017 17:35:11 +0100 Subject: common/hexutil: reject big integer inputs > 256 bits This follows the change to common/math big integer parsing in PR #3699. --- common/hexutil/hexutil.go | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'common/hexutil/hexutil.go') diff --git a/common/hexutil/hexutil.go b/common/hexutil/hexutil.go index 4ec0ee8e6..16863f6c0 100644 --- a/common/hexutil/hexutil.go +++ b/common/hexutil/hexutil.go @@ -49,6 +49,7 @@ var ( ErrOddLength = errors.New("hex string has odd length") ErrUint64Range = errors.New("hex number does not fit into 64 bits") ErrUintRange = fmt.Errorf("hex number does not fit into %d bits", uintBits) + ErrBig256Range = errors.New("hex number does not fit into 256 bits") ) // Decode decodes a hex string with 0x prefix. @@ -126,11 +127,15 @@ func init() { } // DecodeBig decodes a hex string with 0x prefix as a quantity. +// Numbers larger than 256 bits are not accepted. func DecodeBig(input string) (*big.Int, error) { raw, err := checkNumber(input) if err != nil { return nil, err } + if len(raw) > 64 { + return nil, ErrBig256Range + } words := make([]big.Word, len(raw)/bigWordNibbles+1) end := len(raw) for i := range words { -- cgit v1.2.3