octo
/
Zebra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

validate addr length before reading (#6320)

This commit is contained in:
Alfredo Garcia 2023-03-14 22:49:14 -03:00 committed by GitHub
parent c75fb63385
commit ccb772278a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
zebra-network/src/protocol/external/addr/v2.rs vendored
View File

@ -15,8 +15,8 @@ use byteorder::{BigEndian, ReadBytesExt};
use thiserror::Error; use thiserror::Error;
use zebra_chain::serialization::{ use zebra_chain::serialization::{
CompactSize64, DateTime32, SerializationError, TrustedPreallocate, ZcashDeserialize, zcash_deserialize_bytes_external_count, CompactSize64, DateTime32, SerializationError,
ZcashDeserializeInto, TrustedPreallocate, ZcashDeserialize, ZcashDeserializeInto,
}; };
use crate::{ use crate::{
@ -282,19 +282,22 @@ impl ZcashDeserialize for AddrV2 {
// See the list of reserved network IDs in ZIP 155. // See the list of reserved network IDs in ZIP 155.
let network_id = reader.read_u8()?; let network_id = reader.read_u8()?;
// > CompactSize The length in bytes of addr. // > CompactSize The length in bytes of addr.
// > uint8[sizeAddr] Network address. The interpretation depends on networkID. let max_size = MAX_ADDR_V2_ADDR_SIZE as u64; // `MAX_ADDR_V2_ADDR_SIZE` fits in `u64`.
let addr: Vec<u8> = (&mut reader).zcash_deserialize_into()?; let addr_len: CompactSize64 = (&mut reader).zcash_deserialize_into()?;
if addr_len > CompactSize64::from(max_size) {
// > uint16 Network port. If not relevant for the network this MUST be 0.
let port = reader.read_u16::<BigEndian>()?;
if addr.len() > MAX_ADDR_V2_ADDR_SIZE {
return Err(SerializationError::Parse( return Err(SerializationError::Parse(
"addr field longer than MAX_ADDR_V2_ADDR_SIZE in addrv2 message", "addr field longer than MAX_ADDR_V2_ADDR_SIZE in addrv2 message",
)); ));
} }
// > uint8[sizeAddr] Network address. The interpretation depends on networkID.
let addr: Vec<u8> =
zcash_deserialize_bytes_external_count(u64::from(addr_len) as usize, &mut reader)?;
// > uint16 Network port. If not relevant for the network this MUST be 0.
let port = reader.read_u16::<BigEndian>()?;
let ip = if network_id == ADDR_V2_IPV4_NETWORK_ID { let ip = if network_id == ADDR_V2_IPV4_NETWORK_ID {
AddrV2::ip_addr_from_bytes::<ADDR_V2_IPV4_ADDR_SIZE>(addr)? AddrV2::ip_addr_from_bytes::<ADDR_V2_IPV4_ADDR_SIZE>(addr)?
} else if network_id == ADDR_V2_IPV6_NETWORK_ID { } else if network_id == ADDR_V2_IPV6_NETWORK_ID {