🌱 Add validation to cryptography toAddress

LiskArchive · Mar 16, 2018 · 2d98226 · 2d98226
1 parent bef963e
commit 2d98226
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/src/cryptography/convert.js b/src/cryptography/convert.js
@@ -44,7 +44,15 @@ export const getFirstEightBytesReversed = publicKeyBytes =>
 		.slice(0, 8)
 		.reverse();
 
-export const toAddress = buffer => `${bufferToBigNumberString(buffer)}L`;
+export const toAddress = buffer => {
+	if (
+		!Buffer.from(buffer)
+			.slice(0, 8)
+			.equals(buffer)
+	)
+		throw new Error('The buffer for Lisk addresses must not have than 8 bytes');
+	return `${bufferToBigNumberString(buffer)}L`;
+};
 
 export const getAddressFromPublicKey = publicKey => {
 	const publicKeyHash = hash(publicKey, 'hex');

diff --git a/test/cryptography/convert.js b/test/cryptography/convert.js
@@ -141,6 +141,15 @@ describe('convert', () => {
 			const address = toAddress(bufferInit);
 			return expect(address).to.be.eql(defaultAddressFromBuffer);
 		});
+
+		it('should throw on more than 8 bytes as input', () => {
+			const bufferExceedError =
+				'The buffer for Lisk addresses must not have than 8 bytes';
+			const bufferInit = Buffer.from(defaultStringWithMoreThanEightCharacters);
+			return expect(toAddress.bind(null, bufferInit)).to.throw(
+				bufferExceedError,
+			);
+		});
 	});
 
 	describe('#getAddressFromPublicKey', () => {