From b3e2cb2965f6d0929d53026734c01fd16c1e66d4 Mon Sep 17 00:00:00 2001 From: Andrea Franz Date: Fri, 1 Mar 2019 14:49:30 +0100 Subject: [PATCH] validate signature size on SendTransactionWithSignature (#1401) * chekc signature size to avoid panic from go-ethereum * add comment and constant * add test --- transactions/transactor.go | 10 ++++++++++ transactions/transactor_test.go | 6 ++++++ 2 files changed, 16 insertions(+) diff --git a/transactions/transactor.go b/transactions/transactor.go index 2027f5487..d8d692ac0 100644 --- a/transactions/transactor.go +++ b/transactions/transactor.go @@ -3,6 +3,7 @@ package transactions import ( "bytes" "context" + "errors" "fmt" "math/big" "sync" @@ -24,8 +25,13 @@ const ( sendTxTimeout = 300 * time.Second defaultGas = 90000 + + validSignatureSize = 65 ) +// ErrInvalidSignatureSize is returned if a signature is not 65 bytes to avoid panic from go-ethereum +var ErrInvalidSignatureSize = errors.New("signature size must be 65") + type ErrBadNonce struct { nonce uint64 expectedNonce uint64 @@ -88,6 +94,10 @@ func (t *Transactor) SendTransactionWithSignature(args SendTxArgs, sig []byte) ( return hash, ErrInvalidSendTxArgs } + if len(sig) != validSignatureSize { + return hash, ErrInvalidSignatureSize + } + chainID := big.NewInt(int64(t.networkID)) signer := types.NewEIP155Signer(chainID) diff --git a/transactions/transactor_test.go b/transactions/transactor_test.go index a9092738c..e1ea7392f 100644 --- a/transactions/transactor_test.go +++ b/transactions/transactor_test.go @@ -374,6 +374,12 @@ func (s *TransactorSuite) TestSendTransactionWithSignature() { } } +func (s *TransactorSuite) TestSendTransactionWithSignature_InvalidSignature() { + args := SendTxArgs{} + _, err := s.manager.SendTransactionWithSignature(args, []byte{}) + s.Equal(ErrInvalidSignatureSize, err) +} + func (s *TransactorSuite) TestHashTransaction() { privKey, err := crypto.GenerateKey() s.Require().NoError(err)