3.9/3.10. 3.9: Remove cast which fails on a several GB malicious TX

3.10 has its impossibility documented. A malicious RPC cannot affect this code.
Luke Parker 2023-07-10 14:43:46 -04:00
parent fa1b569b78
commit 677b9b681f
2 changed files with 8 additions and 1 deletions


@ -137,11 +137,16 @@ impl Scanner {
pub fn scan_transaction(&self, tx: &Transaction) -> Vec<ReceivedOutput> { pub fn scan_transaction(&self, tx: &Transaction) -> Vec<ReceivedOutput> {
let mut res = vec![]; let mut res = vec![];
for (vout, output) in tx.output.iter().enumerate() { for (vout, output) in tx.output.iter().enumerate() {
// If the vout index exceeds 2**32, stop scanning outputs
let Ok(vout) = u32::try_from(vout) else {
break
};
if let Some(offset) = self.scripts.get(&output.script_pubkey) { if let Some(offset) = self.scripts.get(&output.script_pubkey) {
res.push(ReceivedOutput { res.push(ReceivedOutput {
offset: *offset, offset: *offset,
output: output.clone(), output: output.clone(),
outpoint: OutPoint::new(tx.txid(), u32::try_from(vout).unwrap()), outpoint: OutPoint::new(tx.txid(), vout),
}); });
} }
} }
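Review bot: The comment on the new `u32::try_from(vout)` guard is off by one and does not say why a silent `break` is acceptable. The conversion already fails at index 2**32 itself, not only above it, and every output from that point on is dropped without the caller being able to tell that the scan was truncated. I would word it as `// vout indexes of 2**32 and above cannot be represented in an OutPoint; stop scanning, as a transaction this large is presumably never valid`, and confirm that validity assumption before relying on it. If truncation is the intended behavior, a line in `scan_transaction`'s doc comment should state that outputs past that index are never returned. The end of the function is outside this hunk, so whether later code depends on a full scan cannot be checked here.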


@ -221,6 +221,8 @@ impl SignableTransaction {
let mut sigs = vec![]; let mut sigs = vec![];
for i in 0 .. tx.input.len() { for i in 0 .. tx.input.len() {
let mut transcript = transcript.clone(); let mut transcript = transcript.clone();
// This unwrap is safe since any transaction with this many inputs violates the maximum
// size allowed under standards, which this lib will error on creation of
transcript.append_message(b"signing_input", u32::try_from(i).unwrap().to_le_bytes()); transcript.append_message(b"signing_input", u32::try_from(i).unwrap().to_le_bytes());
let offset = keys.clone().offset(self.offsets[i]); let offset = keys.clone().offset(self.offsets[i]);