Browse Source

Merge pull request #3226 from SomberNight/tx_deser_exc

make tx deserialization more robust to ill-formed tx
3.0.x
ThomasV 7 years ago
committed by GitHub
parent
commit
c7350809ec
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 20
      gui/qt/main_window.py
  2. 2
      lib/tests/test_transaction.py
  3. 33
      lib/transaction.py

20
gui/qt/main_window.py

@ -2119,17 +2119,25 @@ class ElectrumWindow(QMainWindow, MessageBoxMixin, PrintError):
return self.tx_from_text(file_content) return self.tx_from_text(file_content)
def do_process_from_text(self): def do_process_from_text(self):
from electrum.transaction import SerializationError
text = text_dialog(self, _('Input raw transaction'), _("Transaction:"), _("Load transaction")) text = text_dialog(self, _('Input raw transaction'), _("Transaction:"), _("Load transaction"))
if not text: if not text:
return return
tx = self.tx_from_text(text) try:
if tx: tx = self.tx_from_text(text)
self.show_transaction(tx) if tx:
self.show_transaction(tx)
except SerializationError as e:
self.show_critical(_("Electrum was unable to deserialize the transaction:") + "\n" + str(e))
def do_process_from_file(self): def do_process_from_file(self):
tx = self.read_tx_from_file() from electrum.transaction import SerializationError
if tx: try:
self.show_transaction(tx) tx = self.read_tx_from_file()
if tx:
self.show_transaction(tx)
except SerializationError as e:
self.show_critical(_("Electrum was unable to deserialize the transaction:") + "\n" + str(e))
def do_process_from_txid(self): def do_process_from_txid(self):
from electrum import transaction from electrum import transaction

2
lib/tests/test_transaction.py

@ -30,7 +30,7 @@ class TestBCDataStream(unittest.TestCase):
for v in values: for v in values:
self.assertEqual(s.read_compact_size(), v) self.assertEqual(s.read_compact_size(), v)
with self.assertRaises(IndexError): with self.assertRaises(transaction.SerializationError):
s.read_compact_size() s.read_compact_size()
def test_string(self): def test_string(self):

33
lib/transaction.py

@ -77,10 +77,7 @@ class BCDataStream(object):
if self.input is None: if self.input is None:
raise SerializationError("call write(bytes) before trying to deserialize") raise SerializationError("call write(bytes) before trying to deserialize")
try: length = self.read_compact_size()
length = self.read_compact_size()
except IndexError:
raise SerializationError("attempt to read past end of buffer")
return self.read_bytes(length).decode(encoding) return self.read_bytes(length).decode(encoding)
@ -117,15 +114,18 @@ class BCDataStream(object):
def write_uint64(self, val): return self._write_num('<Q', val) def write_uint64(self, val): return self._write_num('<Q', val)
def read_compact_size(self): def read_compact_size(self):
size = self.input[self.read_cursor] try:
self.read_cursor += 1 size = self.input[self.read_cursor]
if size == 253: self.read_cursor += 1
size = self._read_num('<H') if size == 253:
elif size == 254: size = self._read_num('<H')
size = self._read_num('<I') elif size == 254:
elif size == 255: size = self._read_num('<I')
size = self._read_num('<Q') elif size == 255:
return size size = self._read_num('<Q')
return size
except IndexError:
raise SerializationError("attempt to read past end of buffer")
def write_compact_size(self, size): def write_compact_size(self, size):
if size < 0: if size < 0:
@ -143,8 +143,11 @@ class BCDataStream(object):
self._write_num('<Q', size) self._write_num('<Q', size)
def _read_num(self, format): def _read_num(self, format):
(i,) = struct.unpack_from(format, self.input, self.read_cursor) try:
self.read_cursor += struct.calcsize(format) (i,) = struct.unpack_from(format, self.input, self.read_cursor)
self.read_cursor += struct.calcsize(format)
except Exception as e:
raise SerializationError(e)
return i return i
def _write_num(self, format, num): def _write_num(self, format, num):

Loading…
Cancel
Save