Merge pull request #286 from KyleMaas/fix-testinvalidfuzzed-working

Fix TestInvalidFuzzed (Simplified)
ssbc · Jan 2, 2023 · ab468b1 · ab468b1
2 parents 709ccbe + 723859f
commit ab468b1
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 11 deletions.
diff --git a/message/legacy/signature.go b/message/legacy/signature.go
@@ -13,9 +13,9 @@ import (
 	"fmt"
 	"io"
 	"regexp"
+	"crypto/ed25519"
 
 	refs "github.com/ssbc/go-ssb-refs"
-	"golang.org/x/crypto/ed25519"
 )
 
 var signatureRegexp = regexp.MustCompile(",\n  \"signature\": \"([A-Za-z0-9/+=.]+)\"")
@@ -47,18 +47,25 @@ func NewSignatureFromBase64(input []byte) (Signature, error) {
 	}
 	b64 := bytes.TrimSuffix(input, signatureSuffix)
 
-	// check we have at least 64 bytes of signature data
+	// initial check of signature data to make sure it's within reasonable limits, to be checked in detail later due to padding issues
+	// this is mainly to avoid decoding a signature that's obviously invalid and huge and filling up RAM in the process
 	gotLen := base64.StdEncoding.DecodedLen(len(b64))
 	if gotLen < ed25519.SignatureSize {
 		return nil, fmt.Errorf("ssb/signature: expected more signature data but only got %d", gotLen)
 	}
+	if gotLen > ed25519.SignatureSize + 2 {
+		return nil, fmt.Errorf("ssb/signature: expected less signature data but got a string that could decode to up to %d bytes", gotLen)
+	}
 
-	// allocate space for the signature and copy data into it
-	decoded := make([]byte, ed25519.SignatureSize)
-	_, err := base64.StdEncoding.Decode(decoded, b64)
+	// decode and check lengths
+	decoded, err := base64.StdEncoding.DecodeString(string(b64))
 	if err != nil {
 		return nil, fmt.Errorf("ssb/signature: invalid base64 data: %w", err)
 	}
+	decodedLen := len(decoded)
+	if decodedLen != ed25519.SignatureSize {
+		return nil, fmt.Errorf("ssb/signature: decoded data is %d bytes long and should be %d", decodedLen, ed25519.SignatureSize)
+	}
 
 	return Signature(decoded), err
 }

diff --git a/message/legacy/verify_invalid_test.go b/message/legacy/verify_invalid_test.go
@@ -12,7 +12,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
-	"github.com/ssbc/go-ssb/internal/testutils"
 	"github.com/ssbc/go-ssb/private/keys"
 	refs "github.com/ssbc/go-ssb-refs"
 )
@@ -49,11 +48,6 @@ import (
 // 	/usr/local/Cellar/go/1.16.6/libexec/src/testing/testing.go:1238 +0x2b3
 // exit status 2
 func TestInvalidFuzzed(t *testing.T) {
-	if testutils.SkipOnCI(t) {
-		// https://github.com/ssbc/go-ssb/pull/167
-		return
-	}
-
 	r := require.New(t)
 	a := assert.New(t)