Commit Graph

27 Commits

Author SHA1 Message Date
Felix Lange ea54283b30 all: update license information 2015-07-07 14:12:44 +02:00
Felix Lange dd49c8e43d rlp: fix list bounds check overflow (found by go-fuzz)
The list size checking overflowed if the size information
for a value was bigger than the list. This is resolved by
always performing the check before reading.
2015-04-28 10:28:15 +02:00
Felix Lange 7180699d40 rlp: require declared number of input elements for array types 2015-04-17 14:45:10 +02:00
Felix Lange 4d5a518a0b rlp: stop accepting lists for byte slices and byte arrays 2015-04-17 14:45:10 +02:00
Felix Lange cad64fb911 rlp: stricter rules for structs and pointers
The rules have changed as follows:

* When decoding into pointers, empty values no longer produce
  a nil pointer. This can be overriden for struct fields using the
  struct tag "nil".
* When decoding into structs, the input list must contain an element
  for each field.
2015-04-17 14:45:09 +02:00
Felix Lange 1e2c93aa2d rlp: reject non-minimal input strings
Input strings of length 1 containing a byte < 56 are non-minimal and
should be encoded as a single byte instead. Reject such strings.
2015-04-17 14:45:09 +02:00
Felix Lange 6e9f8035a1 rlp: stricter validation of canonical integer format
All integers (including size information in type tags) need to be
encoded using the smallest possible encoding. This commit expands the
stricter validation introduced for *big.Int in commit 59597d23a5
to all integer types and size tags.
2015-04-17 14:45:09 +02:00
Felix Lange 6788f955c2 rlp: fix handling of single byte zero when decoding into a pointer
A single zero byte carries information and should not set the pointer
to nil. This is arguably a corner case. While here, fix the comment
to explain pointer reuse.
2015-04-17 14:45:09 +02:00
Felix Lange 2750ec47b7 rlp: fix integer overflow in list element size validation
It is not safe to add anything to s.size.
2015-04-17 14:45:09 +02:00
Felix Lange c35f4fd0bd rlp: check top-level value sizes against input limit
This is a preliminary fix for #420 (SEC-18 RLP decoder unsafe
allocation). If a sane input limit is set on the rlp.Stream,
it should no longer be possible to cause huge []byte allocations.
2015-04-17 14:42:41 +02:00
obscuren 59597d23a5 Reject integers w/ appended zero's 2015-04-04 21:29:23 +02:00
Felix Lange a829a56587 rlp: add Stream.Raw 2015-03-21 00:49:31 +01:00
Felix Lange b41185a68f rlp: fix nil pointer decoding
The generic pointer decoder did not advance the input position
for empty values. This can lead to strange issues and even
infinite loops.
2015-03-20 22:33:40 +01:00
Felix Lange b94a6a0193 rlp: add DecodeBytes
Über-convenience.
2015-03-18 13:17:39 +01:00
Felix Lange fc92abec2c rlp: allow encoding non-empty interface values
This needs to be supported because []someInterface does occur sometimes.

Funny enough, the fix involves changes to the decoder. makeDecoder
cannot return an error for non-empty interfaces anymore because the type
cache builds both decoder and writer. Do the check at 'runtime' instead.
2015-01-15 23:35:26 +01:00
Felix Lange 552f5b2693 rlp: add functions for encoding
I'm reasonably confident that the encoding matches the output of
ethutil.Encode for values that it supports. Some of the tests have been
adpated from the Ethereum testing repository.

There are still TODOs in the code.
2015-01-15 11:00:19 +01:00
obscuren 6abf8ef78f Merge 2015-01-05 17:10:42 +01:00
Felix Lange 6cf4e0329c rlp: display decoder target type in more error messages
Decode error messages now say "expected input list for foo.MyStruct"
instead of just "expected List".
2014-12-09 22:28:49 +01:00
Felix Lange 829730dec4 rlp: remove dead code 2014-12-09 12:49:20 +01:00
Felix Lange c084a7daa5 rlp: fix panic in decodeList on go 1.4+
The documentation for reflect.Value.Index states that it will
panic for out-of-bounds indices. Since go 1.4, it actually panics.
2014-12-09 10:58:46 +01:00
Felix Lange 93e858f88e rlp: remove support for signed integer types
There is no agreement on how to encode negative integers
across implementations. cpp-ethereum doesn't support them either.
2014-12-09 10:58:46 +01:00
Felix Lange 4f12f0697e rlp: move decoder type switch to decode.go 2014-12-09 10:52:05 +01:00
Felix Lange f816fdcb69 rlp: include target type in decoder error messages 2014-11-25 16:00:48 +01:00
Felix Lange 205af02a1f rlp: add NewListStream (for p2p) 2014-11-24 19:03:17 +01:00
Felix Lange 5a5560f105 rlp: add Stream.Reset and accept any reader (for p2p) 2014-11-24 19:03:11 +01:00
Felix Lange bd0a50fdc3 rlp: fix pointer reuse 2014-11-17 12:02:08 +01:00
Felix Lange 74266d5bbd rlp: new package for streaming RLP decoder 2014-11-17 01:49:47 +01:00