fix: ethtypes: handle length overflow case

filecoin-project · Jul 18, 2023 · 9b8af13 · 9b8af13
1 parent 3af9fde
commit 9b8af13
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/chain/types/ethtypes/rlp.go b/chain/types/ethtypes/rlp.go
@@ -134,7 +134,7 @@ func decodeRLP(data []byte) (res interface{}, consumed int, err error) {
 			return nil, 0, err
 		}
 		totalLen := 1 + strLenInBytes + strLen
-		if totalLen > len(data) {
+		if totalLen > len(data) || totalLen < 0 {
 			return nil, 0, xerrors.Errorf("invalid rlp data: out of bound while parsing string")
 		}
 		return data[1+strLenInBytes : totalLen], totalLen, nil

diff --git a/chain/types/ethtypes/rlp_test.go b/chain/types/ethtypes/rlp_test.go
@@ -148,11 +148,12 @@ func TestDecodeNegativeLength(t *testing.T) {
 		mustDecodeHex("0xbfffffffffffffff0041424344"),
 		mustDecodeHex("0xc1bFFF1111111111111111"),
 		mustDecodeHex("0xbFFF11111111111111"),
+		mustDecodeHex("0xbf7fffffffffffffff41424344"),
 	}
 
 	for _, tc := range testcases {
 		_, err := DecodeRLP(tc)
-		require.Error(t, err, "invalid rlp data: negative string length")
+		require.ErrorContains(t, err, "invalid rlp data")
 	}
 }