CBLSWrapper::SetHexStr() should not accept non-hex strings (#2843)

* CBLSWrapper::SetHexStr() should not accept non-hex strings * Rework to implement suggested behaviour
dashpay · Apr 8, 2019 · 9fa09b9 · 9fa09b9
1 parent 0f0d8ea
commit 9fa09b9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/src/bls/bls.h b/src/bls/bls.h
@@ -155,8 +155,13 @@ class CBLSWrapper
 
     bool SetHexStr(const std::string& str)
     {
+        if (!IsHex(str)) {
+            Reset();
+            return false;
+        }
         auto b = ParseHex(str);
         if (b.size() != SerSize) {
+            Reset();
             return false;
         }
         SetBuf(b);

diff --git a/src/test/bls_tests.cpp b/src/test/bls_tests.cpp
@@ -10,6 +10,24 @@
 
 BOOST_FIXTURE_TEST_SUITE(bls_tests, BasicTestingSetup)
 
+BOOST_AUTO_TEST_CASE(bls_sethexstr_tests)
+{
+    CBLSSecretKey sk;
+    std::string strValidSecret = "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";
+    // Note: invalid string passed to SetHexStr() should cause it to fail and reset key internal data
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1g")); // non-hex
+    BOOST_CHECK(!sk.IsValid());
+    BOOST_CHECK(sk == CBLSSecretKey());
+    // Try few more invalid strings
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e")); // hex but too short
+    BOOST_CHECK(!sk.IsValid());
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20")); // hex but too long
+    BOOST_CHECK(!sk.IsValid());
+}
+
 BOOST_AUTO_TEST_CASE(bls_sig_tests)
 {
     CBLSSecretKey sk1, sk2;