Accord bip66, lenR check bug

Question

guotie opened this issue 6 years ago · comments

if (5 + lenR >= buffer.length) return false

should be

if (5 + lenR > buffer.length) return false

because buffer is slice the last byte.

    // Make sure the length of the S element is still inside the signature.
    if (5 + lenR >= sig.size()) return false;

line 16

Daniel Cousens · Answer 1 · Tue Jun 19 2018 11:12:53 GMT+0800 (China Standard Time)

@guotie can you provide a test fixture?

Daniel Cousens · Answer 2 · Tue Jun 19 2018 11:13:20 GMT+0800 (China Standard Time)

because buffer is slice the last byte.

What buffer.slice?

铁哥 · Answer 3 · Tue Jun 19 2018 11:38:10 GMT+0800 (China Standard Time)

I mean the input param buffer length = origin buffer length - 1, so the condition should be change accord the code :

    // Make sure the length of the S element is still inside the signature.
    if (5 + lenR >= sig.size()) return false;

Daniel Cousens · Answer 4 · Tue Jun 19 2018 12:34:14 GMT+0800 (China Standard Time)

@guotie buffer length = origin buffer length - 1 what?
Can you directly link to the code you are querying?

Daniel Cousens · Answer 5 · Tue Jun 19 2018 15:35:53 GMT+0800 (China Standard Time)

@guotie I have no idea what you are referring to.

There is no buffer.length - 1.
There is no buffer.slice.

If you could provide a test case that shows clearly what isn't working, I'll re-open this issue, but as is, the code appears to be OK.

I don't doubt you might be on to something, but, I can't see based on the hints you are providing 😕 .

铁哥 · Answer 6 · Tue Jun 19 2018 15:51:35 GMT+0800 (China Standard Time)

Daniel Cousens · Answer 7 · Tue Jun 19 2018 17:10:51 GMT+0800 (China Standard Time)

Are you saying it should be 4 + lenR?

铁哥 · Answer 8 · Tue Jun 19 2018 17:23:56 GMT+0800 (China Standard Time)

yes, I think so

Daniel Cousens · Answer 9 · Tue Jun 19 2018 20:12:40 GMT+0800 (China Standard Time)

See #12 for working PR, tests needed though