Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check for maximum signature length in ecdsa.ParseDERSignature #2135

Merged
merged 1 commit into from
Mar 18, 2024
Merged

Add check for maximum signature length in ecdsa.ParseDERSignature #2135

merged 1 commit into from
Mar 18, 2024

Conversation

SulaimanAminuBarkindo
Copy link
Contributor

@SulaimanAminuBarkindo SulaimanAminuBarkindo commented Mar 7, 2024
edited by Roasbeef
Loading

  • Updated the ecdsa.ParseDERSignature to include the MaxSigLen constant, which defines the maximum length of a DER encoded signature.
  • The MaxSigLen constant is set to 72 bytes, as per the explanation in the comment.
  • A new test case has been added to test the functionality with a long signature.
  • The test case checks if signatures longer than the specified maximum length are properly handled.
  • The test ensures that signatures exceeding the maximum length are correctly identified as invalid.

Fixes #2059

@SulaimanAminuBarkindo
Add check for maximum signature length in ecdsa.ParseDERSignature
9d2184e 
* Updated the `ecdsa.ParseDERSignature` to include the MaxSigLen constant, which defines the maximum length of a DER encoded signature.
* The MaxSigLen constant is set to 72 bytes, as per the explanation in the comment.
* A new test case has been added to test the functionality with a long signature.
* The test case checks if signatures longer than the specified maximum length are properly handled.
* The test ensures that signatures exceeding the maximum length are correctly identified as invalid.
@SulaimanAminuBarkindo SulaimanAminuBarkindo mentioned this pull request Mar 7, 2024
Closed
@guggero guggero linked an issue Mar 7, 2024 that may be closed by this pull request
ecdsa.ParseDERSignature() succeeds for an invalid signature (append arbitrary data) #2059
Closed
@coveralls
Copy link

Pull Request Test Coverage Report for Build 8184912910

Details

  • 6 of 6 (100.0%) changed or added relevant lines in 1 file are covered.
  • 6 unchanged lines in 2 files lost coverage.
  • Overall coverage increased (+0.01%) to 56.767%
Files with Coverage Reduction New Missed Lines %
mempool/mempool.go 1 66.84%
peer/peer.go 5 74.16%
Totals Coverage Status
Change from base Build 8160957537: 0.01%
Covered Lines: 29294
Relevant Lines: 51604
💛 - Coveralls

guggero
guggero approved these changes Mar 7, 2024
View reviewed changes
Copy link
Collaborator

@guggero guggero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, LGTM 🎉

@SulaimanAminuBarkindo SulaimanAminuBarkindo marked this pull request as ready for review March 7, 2024 08:42
Roasbeef
Roasbeef approved these changes Mar 18, 2024
View reviewed changes
Copy link
Member

@Roasbeef Roasbeef left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🪡

@Roasbeef Roasbeef merged commit a90d3d9 into btcsuite:master Mar 18, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guggero guggero guggero approved these changes

@Roasbeef Roasbeef Roasbeef approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ecdsa.ParseDERSignature() succeeds for an invalid signature (append arbitrary data)
4 participants
@SulaimanAminuBarkindo @coveralls @Roasbeef @guggero