aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@protonmail.com>2019-12-13 11:15:18 +0100
committerWladimir J. van der Laan <laanwj@protonmail.com>2019-12-13 11:15:28 +0100
commit995b6c83e1ae23bb32bf1b9d19635036b92f54ef (patch)
tree88cbcf8c6f16bfe750efb637984e56157a8731aa /src
parentd4b335c60af46eb631beb38a9d6c4d55e4c0ffc3 (diff)
parentd945c6f5e6f61b6e289ac7da6834c18f1b677b0f (diff)
Merge #17721: util: Don't allow Base58 decoding of non-Base58 strings. Add Base58 tests.
d945c6f5e6f61b6e289ac7da6834c18f1b677b0f util: Don't allow base58-decoding of std::string:s containing non-base58 characters (practicalswift) ff7a9992263f5a19f73097c86068b6150d213c23 tests: Add tests for base58-decoding of std::string:s containing non-base58 characters (practicalswift) Pull request description: Don't allow Base58 decoding of non-Base58 strings. Add Base58 tests. Fixes #17718. Added tests before the Base58 decoding patch: ``` $ make check … test/base58_tests.cpp(62): error: in "base58_tests/base58_DecodeBase58": check !DecodeBase58(std::string("\0invalid", 8), result) has failed test/base58_tests.cpp(67): error: in "base58_tests/base58_DecodeBase58": check !DecodeBase58(std::string("good\0bad0IOl", 12), result) has failed test/base58_tests.cpp(76): error: in "base58_tests/base58_DecodeBase58": check !DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh\00IOl", 26), result) has failed *** 3 failures are detected in the test module "Bitcoin Core Test Suite" … $ echo $? 1 ``` Added tests before the Base58 decoding patch: ``` $ make check … OK … $ echo $? 0 ``` ACKs for top commit: MarcoFalke: ACK d945c6f5e6f61b6e289ac7da6834c18f1b677b0f 🚓 laanwj: ACK d945c6f5e6f61b6e289ac7da6834c18f1b677b0f Tree-SHA512: 78fee3a18718c9cfbf2e4b26daaf8f24b4deca00475b7b254fec7f8be740f8898c696d9cd0eaa7c50bca55909b9dff3b516b6fe4db92dc132dcc0a1c5e3d61af
Diffstat (limited to 'src')
-rw-r--r--src/base58.cpp7
-rw-r--r--src/test/base58_tests.cpp12
-rw-r--r--src/util/strencodings.cpp3
-rw-r--r--src/util/string.h11
4 files changed, 32 insertions, 1 deletions
diff --git a/src/base58.cpp b/src/base58.cpp
index a0149fb641..17d3f86ba8 100644
--- a/src/base58.cpp
+++ b/src/base58.cpp
@@ -7,6 +7,7 @@
#include <hash.h>
#include <uint256.h>
#include <util/strencodings.h>
+#include <util/string.h>
#include <assert.h>
#include <string.h>
@@ -130,6 +131,9 @@ std::string EncodeBase58(const std::vector<unsigned char>& vch)
bool DecodeBase58(const std::string& str, std::vector<unsigned char>& vchRet, int max_ret_len)
{
+ if (!ValidAsCString(str)) {
+ return false;
+ }
return DecodeBase58(str.c_str(), vchRet, max_ret_len);
}
@@ -161,5 +165,8 @@ bool DecodeBase58Check(const char* psz, std::vector<unsigned char>& vchRet, int
bool DecodeBase58Check(const std::string& str, std::vector<unsigned char>& vchRet, int max_ret)
{
+ if (!ValidAsCString(str)) {
+ return false;
+ }
return DecodeBase58Check(str.c_str(), vchRet, max_ret);
}
diff --git a/src/test/base58_tests.cpp b/src/test/base58_tests.cpp
index 96fdf8c86d..57559fa687 100644
--- a/src/test/base58_tests.cpp
+++ b/src/test/base58_tests.cpp
@@ -59,12 +59,24 @@ BOOST_AUTO_TEST_CASE(base58_DecodeBase58)
}
BOOST_CHECK(!DecodeBase58("invalid", result, 100));
+ BOOST_CHECK(!DecodeBase58(std::string("invalid"), result, 100));
+ BOOST_CHECK(!DecodeBase58(std::string("\0invalid", 8), result, 100));
+
+ BOOST_CHECK(DecodeBase58(std::string("good", 4), result, 100));
+ BOOST_CHECK(!DecodeBase58(std::string("bad0IOl", 7), result, 100));
+ BOOST_CHECK(!DecodeBase58(std::string("goodbad0IOl", 11), result, 100));
+ BOOST_CHECK(!DecodeBase58(std::string("good\0bad0IOl", 12), result, 100));
// check that DecodeBase58 skips whitespace, but still fails with unexpected non-whitespace at the end.
BOOST_CHECK(!DecodeBase58(" \t\n\v\f\r skip \r\f\v\n\t a", result, 3));
BOOST_CHECK( DecodeBase58(" \t\n\v\f\r skip \r\f\v\n\t ", result, 3));
std::vector<unsigned char> expected = ParseHex("971a55");
BOOST_CHECK_EQUAL_COLLECTIONS(result.begin(), result.end(), expected.begin(), expected.end());
+
+ BOOST_CHECK(DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh", 21), result, 100));
+ BOOST_CHECK(!DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oi", 21), result, 100));
+ BOOST_CHECK(!DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh0IOl", 25), result, 100));
+ BOOST_CHECK(!DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh\00IOl", 26), result, 100));
}
BOOST_AUTO_TEST_CASE(base58_random_encode_decode)
diff --git a/src/util/strencodings.cpp b/src/util/strencodings.cpp
index 46042f5634..8f2d05f03b 100644
--- a/src/util/strencodings.cpp
+++ b/src/util/strencodings.cpp
@@ -4,6 +4,7 @@
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <util/strencodings.h>
+#include <util/string.h>
#include <tinyformat.h>
@@ -269,7 +270,7 @@ NODISCARD static bool ParsePrechecks(const std::string& str)
return false;
if (str.size() >= 1 && (IsSpace(str[0]) || IsSpace(str[str.size()-1]))) // No padding allowed
return false;
- if (str.size() != strlen(str.c_str())) // No embedded NUL characters allowed
+ if (!ValidAsCString(str)) // No embedded NUL characters allowed
return false;
return true;
}
diff --git a/src/util/string.h b/src/util/string.h
index 76a83a4949..c6fa08e5b3 100644
--- a/src/util/string.h
+++ b/src/util/string.h
@@ -5,6 +5,9 @@
#ifndef BITCOIN_UTIL_STRING_H
#define BITCOIN_UTIL_STRING_H
+#include <attributes.h>
+
+#include <cstring>
#include <string>
#include <vector>
@@ -31,4 +34,12 @@ inline std::string Join(const std::vector<std::string>& list, const std::string&
return Join(list, separator, [](const std::string& i) { return i; });
}
+/**
+ * Check if a string does not contain any embedded NUL (\0) characters
+ */
+NODISCARD inline bool ValidAsCString(const std::string& str) noexcept
+{
+ return str.size() == strlen(str.c_str());
+}
+
#endif // BITCOIN_UTIL_STRENCODINGS_H