Merge pull request #3207 from nspcc-dev/limit-rpc-signers

rpcsrv/params: limit tx signers/witnesses
nspcc-dev · Nov 20, 2023 · b5cf3f5 · b5cf3f5
2 parents 7fb077e + f6cb698
commit b5cf3f5
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/pkg/services/rpcsrv/params/param.go b/pkg/services/rpcsrv/params/param.go
@@ -399,6 +399,9 @@ func (p Param) GetSignersWithWitnesses() ([]transaction.Signer, []transaction.Wi
 	if err != nil {
 		return nil, nil, err
 	}
+	if len(hashes) > transaction.MaxAttributes {
+		return nil, nil, errors.New("too many signers")
+	}
 	signers := make([]transaction.Signer, len(hashes))
 	witnesses := make([]transaction.Witness, len(hashes))
 	// try to extract hashes first

diff --git a/pkg/services/rpcsrv/params/param_test.go b/pkg/services/rpcsrv/params/param_test.go
@@ -496,6 +496,15 @@ func TestParamGetSigners(t *testing.T) {
 		require.True(t, u2.Equals(actual[1].Account))
 	})
 
+	t.Run("overflow", func(t *testing.T) {
+		var hashes = make([]util.Uint256, transaction.MaxAttributes+1)
+		msg, err := json.Marshal(hashes)
+		require.NoError(t, err)
+		p := Param{RawMessage: msg}
+		_, _, err = p.GetSignersWithWitnesses()
+		require.Error(t, err)
+	})
+
 	t.Run("bad format", func(t *testing.T) {
 		p := Param{RawMessage: []byte(`"not a signer"`)}
 		_, _, err := p.GetSignersWithWitnesses()