Skip to content

Commit

Permalink
tx: fix possible panic in sig verification
Browse files Browse the repository at this point in the history
  • Loading branch information
tzemanovic committed Jul 23, 2024
1 parent 8479d38 commit 9ab2c32
Showing 1 changed file with 8 additions and 5 deletions.
13 changes: 8 additions & 5 deletions crates/tx/src/types.rs
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ pub enum VerifySigError {
InvalidSectionSignature(String),
#[error("The number of PKs overflows u8::MAX")]
PksOverflow,
#[error("An expected signature is missing.")]
MissingSignature,
}

#[allow(missing_docs)]
Expand Down Expand Up @@ -558,18 +560,19 @@ impl Authorization {
// Verify the signatures against the subset of this section's public
// keys that are also in the given map
Signer::PubKeys(pks) => {
let hash = self.get_raw_hash();
for (idx, pk) in pks.iter().enumerate() {
if let Some(map_idx) =
public_keys_index_map.get_index_from_public_key(pk)
{
let sig_idx = u8::try_from(idx)
.map_err(|_| VerifySigError::PksOverflow)?;
consume_verify_sig_gas()?;
common::SigScheme::verify_signature(
pk,
&self.get_raw_hash(),
&self.signatures[&sig_idx],
)?;
let sig = self
.signatures
.get(&sig_idx)
.ok_or(VerifySigError::MissingSignature)?;
common::SigScheme::verify_signature(pk, &hash, sig)?;
verified_pks.insert(map_idx);
// Cannot overflow
#[allow(clippy::arithmetic_side_effects)]
Expand Down

0 comments on commit 9ab2c32

Please sign in to comment.