Fix input data validation for ECRECOVER precompiled contract.

10 years ago · 3a550d6ac7
3 changed files with 5 additions and 4 deletions
--- a/libdevcrypto/Common.cpp
+++ b/libdevcrypto/Common.cpp
@ -37,7 +37,7 @@ using namespace dev::crypto;

 static Secp256k1 s_secp256k1;

-bool dev::SignatureStruct::isValid() const
+bool dev::SignatureStruct::isValid() const noexcept
 {
 	if (v > 1 ||
 		r >= h256("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141") ||
--- a/libdevcrypto/Common.h
+++ b/libdevcrypto/Common.h
@ -51,7 +51,7 @@ struct SignatureStruct
 	operator Signature() const { return *(h520 const*)this; }

 	/// @returns true if r,s,v values are valid, otherwise false
-	bool isValid() const;
+	bool isValid() const noexcept;

 	h256 r;
 	h256 s;
--- a/libethereum/Precompiled.cpp
+++ b/libethereum/Precompiled.cpp
@ -47,9 +47,10 @@ void ecrecoverCode(bytesConstRef _in, bytesRef _out)
 	memcpy(&in, _in.data(), min(_in.size(), sizeof(in)));

 	h256 ret;
-	if ((u256)in.v <= 28)
+	u256 v = (u256)in.v;
+	if (v >= 27 && v <= 28)
 	{
-		SignatureStruct sig(in.r, in.s, (byte)((int)(u256)in.v - 27));
+		SignatureStruct sig(in.r, in.s, (byte)((int)v - 27));
 		if (sig.isValid())
 		{
 			try