logos-messaging/go-zerokit-rln
1
0
Fork 0
mirror of https://github.com/logos-messaging/go-zerokit-rln.git synced 2026-01-02 13:13:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ensure no out of bound

Browse Source
This commit is contained in:
alrevuelta 2024-01-16 16:01:01 +01:00
parent a5ebd1023f
commit 4e7f9e1f30
No known key found for this signature in database
GPG Key ID: F345C9F3CCDB886E
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
rln/rln.go
View File

@ -406,6 +406,11 @@ func (r *RLN) GetMerkleProof(index MembershipIndex) (MerkleProof, error) {
return MerkleProof{}, err return MerkleProof{}, err
} }
// Check if we can read the first byte
if len(proofBytes) < 8 {
return MerkleProof{}, errors.New(fmt.Sprintf("wrong output size: %d", len(proofBytes)))
}
var result MerkleProof var result MerkleProof
var numElements big.Int var numElements big.Int
var numIndexes big.Int var numIndexes big.Int
@ -416,6 +421,14 @@ func (r *RLN) GetMerkleProof(index MembershipIndex) (MerkleProof, error) {
numElements.SetBytes(revert(proofBytes[offset : offset+8])) numElements.SetBytes(revert(proofBytes[offset : offset+8]))
offset += 8 offset += 8
// With numElements we can determine the expected length of the proof.
expectedLen := 8 + int(32*numElements.Uint64()) + 8 + int(numElements.Uint64())
if len(proofBytes) != expectedLen {
return MerkleProof{}, errors.New(fmt.Sprintf("wrong output size expected: %d, current: %d",
expectedLen,
len(proofBytes)))
}
result.PathElements = make([]MerkleNode, numElements.Uint64()) result.PathElements = make([]MerkleNode, numElements.Uint64())
for i := uint64(0); i < numElements.Uint64(); i++ { for i := uint64(0); i < numElements.Uint64(); i++ {