aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Lange <fjl@users.noreply.github.com>2017-12-12 05:47:10 +0800
committerGitHub <noreply@github.com>2017-12-12 05:47:10 +0800
commit2499b1b139d82f2f266ce9c79aebca1568396a51 (patch)
tree8165a1285e1e4b56fca8f3ce33c015e37013adca
parente7610eadfee686d7d979e8d23d0b903a78288a13 (diff)
downloadgo-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar.gz
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar.bz2
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar.lz
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar.xz
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.tar.zst
go-tangerine-2499b1b139d82f2f266ce9c79aebca1568396a51.zip
rlp: fix string size check in readKind (#15625)
Issue found by @guidovranken
-rw-r--r--rlp/raw.go2
-rw-r--r--rlp/raw_test.go1
2 files changed, 2 insertions, 1 deletions
diff --git a/rlp/raw.go b/rlp/raw.go
index 6bf1c1df8..2b3f328f6 100644
--- a/rlp/raw.go
+++ b/rlp/raw.go
@@ -98,7 +98,7 @@ func readKind(buf []byte) (k Kind, tagsize, contentsize uint64, err error) {
tagsize = 1
contentsize = uint64(b - 0x80)
// Reject strings that should've been single bytes.
- if contentsize == 1 && buf[1] < 128 {
+ if contentsize == 1 && len(buf) > 1 && buf[1] < 128 {
return 0, 0, 0, ErrCanonSize
}
case b < 0xC0:
diff --git a/rlp/raw_test.go b/rlp/raw_test.go
index bac09d8d4..2aad04210 100644
--- a/rlp/raw_test.go
+++ b/rlp/raw_test.go
@@ -96,6 +96,7 @@ func TestSplit(t *testing.T) {
{input: "F90055", err: ErrCanonSize, rest: "F90055"},
{input: "FA0002FFFF", err: ErrCanonSize, rest: "FA0002FFFF"},
+ {input: "81", err: ErrValueTooLarge, rest: "81"},
{input: "8501010101", err: ErrValueTooLarge, rest: "8501010101"},
{input: "C60607080902", err: ErrValueTooLarge, rest: "C60607080902"},