Skip to content

fix(walletapi): prevent receiver panic from out-of-range sender index#20

Merged
8lecramm merged 1 commit into
DEROFDN:community-devfrom
DHEBP:fix/sender-idx-bounds
Jun 15, 2026
Merged

fix(walletapi): prevent receiver panic from out-of-range sender index#20
8lecramm merged 1 commit into
DEROFDN:community-devfrom
DHEBP:fix/sender-idx-bounds

Conversation

@DHEBP

@DHEBP DHEBP commented Jun 13, 2026

Copy link
Copy Markdown

The sender-attribution index is an attacker-controlled byte in the decrypted payload, and the <= RingSize check let it index one past Publickeylist and panic a wallet during routine history sync. Tightens it to < RingSize in both decode paths; remotely triggerable, so worth a backport. (Companion to the receiver-honesty change in the next PR.)

…anic

The receiver decode paths used sender_idx <= RingSize against a
0-indexed Publickeylist of length RingSize, so a crafted byte equal
to RingSize indexed one slot past the slice and panicked the
receiving wallet during history processing. Tighten to < in both the
CBOR and CBOR_V2 paths so valid indices are 0..RingSize-1.
@8lecramm 8lecramm self-assigned this Jun 15, 2026
@8lecramm 8lecramm merged commit 215e626 into DEROFDN:community-dev Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants