diff --git a/lib/varint.js b/lib/varint.js index 48da310..ee9e8d8 100644 --- a/lib/varint.js +++ b/lib/varint.js @@ -18,16 +18,19 @@ exports.decode = function(buf) { switch (buf[0]) { case 253: value = buf.readUInt16BE(1); + assert(value >= 253, "Impractical var_int"); length = 3; break; case 254: value = buf.readUInt32BE(1); + assert(value >= 65536, "Impractical var_int"); length = 5; break; case 255: var hi = buf.readUInt32BE(1); var lo = buf.readUInt32BE(5); value = new Int64(hi, lo); + assert(value >= 4294967296, "Impractical var_int"); length = 9; break; default: diff --git a/test.js b/test.js index 8ac6dac..e5aefca 100644 --- a/test.js +++ b/test.js @@ -9,7 +9,8 @@ var bmcrypto = require("./lib/crypto"); describe("var_int", function() { it("should decode", function() { var res; - expect(varint.decode.bind(Buffer([]))).to.throw(Error); + expect(varint.decode.bind(null, Buffer([]))).to.throw(Error); + expect(varint.decode.bind(null, Buffer("fd00", "hex"))).to.throw(Error); res = varint.decode(Buffer([123])); expect(res.value).to.equal(123); @@ -31,6 +32,12 @@ describe("var_int", function() { expect(res.length).to.equal(9); expect(res.rest.length).to.equal(0); }); + + it("should check for lowest length on decode", function() { + expect(varint.decode.bind(null, Buffer("fd00fc", "hex"))).to.throw(Error); + expect(varint.decode.bind(null, Buffer("fe0000ffff", "hex"))).to.throw(Error); + expect(varint.decode.bind(null, Buffer("ff00000000ffffffff", "hex"))).to.throw(Error); + }); }); describe("Crypto", function() {