fmtseq: privkey internals checking

Simple size checks that prevent some segfaults from working with mangled privkeys.
2024-06-27 09:18:16 +00:00 · 2014-01-25 10:34:33 +01:00 · 2014-01-25 10:34:33 +01:00 · fee6b431c2
commit fee6b431c2
parent 633be8c2cb
3 changed files with 46 additions and 2 deletions
--- a/src/fmtseq.cpp
+++ b/src/fmtseq.cpp
@ -93,6 +93,45 @@ static void store_desired (privkey&priv, uint did,
 	priv.desired[did][i.pos + (1 << depth) - 2] = i.item;
 }

+static bool check_privkey (privkey&priv, hash_func&hf)
+{
+	size_t i, j;
+	uint ts = (1 << (priv.h + 1) ) - 2;
+
+	/*
+	 * check the content of privkey caches to prevent reading/writing
+	 * unallocated memory.
+	 */
+
+	//exist tree count is always L
+	if (priv.exist.size() != priv.l) return false;
+
+	//exist tree sizes
+	for (i = 0; i < priv.exist.size(); ++i) {
+		if (priv.exist[i].size() != ts) return false;
+
+		//exist tree hash sizes must be OK
+		for (j = 0; j < ts; ++j)
+			if (priv.exist[i][j].size()
+			    != hf.size() )
+				return false;
+	}
+
+	//check desired stuff
+	if (priv.desired_stack.size() < priv.desired.size() ) return false;
+	if (priv.desired_progress.size() < priv.desired.size() ) return false;
+
+	for (i = 0; i < priv.desired.size(); ++i) {
+		if (priv.desired[i].size() != ts) return false;
+		for (j = 0; j < ts; ++j)
+			if (priv.desired[i][j].size()
+			    != hf.size() )
+				return false;
+	}
+
+	return true;
+}
+
 static void update_privkey (privkey&priv, hash_func&hf)
 {
 	uint i, j;
@ -330,6 +369,11 @@ int privkey::sign (const bvector& hash, bvector& sig, hash_func& hf)
 		return 2;
 	}

+	if (!check_privkey (*this, hf) ) {
+		err ("fmtseq: mangled privkey");
+		return 3;
+	}
+
 	uint commitments = fmtseq_commitments (hs);

 	bvector M2 = hash;
--- a/src/fmtseq.h
+++ b/src/fmtseq.h
@ -105,7 +105,6 @@ public:
 		return ( (H + fmtseq_commitments (hs) ) * hf.size() * 8) + H;
 	}

-
 	sencode* serialize();
 	bool unserialize (sencode*);
 };
--- a/src/serialization.cpp
+++ b/src/serialization.cpp
@ -552,7 +552,8 @@ bool fmtseq::privkey::unserialize (sencode*s)
 		desired_progress[i] = I->i;
 	}

-	//TODO check the sizes of everything
+	//checking the sizes and correctness of everything is a job of FMTSeq
+	//implementation that has some insight into how it works :]
 	return true;
 }