Add supported pubkey formats early check

maurolacy · maurolacy · commit 92df8f7ed8ba · 2021-02-09T10:59:16.000+01:00
diff --git a/packages/vm/src/imports.rs b/packages/vm/src/imports.rs
@@ -40,8 +40,10 @@ const LENGTH_SHA256_HASH: usize = 32;
 /// Max length of a serialized signature
 const MAX_LENGTH_SIGNATURE: usize = 64;
 
-/// Max length of a serialized public key
-const MAX_LENGTH_PUBKEY: usize = 33;
+/// Max length of a compressed serialized public key
+const MAX_LENGTH_COMPRESSED_PUBKEY: usize = 33;
+/// Max length of an uncompressed serialized public key
+const MAX_LENGTH_UNCOMPRESSED_PUBKEY: usize = 65;
 
 /// Max length for a debug message
 const MAX_LENGTH_DEBUG: usize = 2 * MI;
@@ -265,7 +267,12 @@ fn do_secp256k1_verify<A: Api, S: Storage, Q: Querier>(
 
     let signature = read_region(&env.memory(), signature_ptr, MAX_LENGTH_SIGNATURE)?;
 
-    let pubkey = read_region(&env.memory(), pubkey_ptr, MAX_LENGTH_PUBKEY)?;
+    let pubkey_prefix = read_region(&env.memory(), pubkey_ptr, 1)?;
+    let pubkey = match pubkey_prefix[0] {
+        0x02 | 0x03 => read_region(&env.memory(), pubkey_ptr, MAX_LENGTH_COMPRESSED_PUBKEY)?,
+        0x04 => read_region(&env.memory(), pubkey_ptr, MAX_LENGTH_UNCOMPRESSED_PUBKEY)?,
+        p =>  return Err(VmError::crypto_err(format!("unsupported pubkey prefix: {}", p))),
+    };
 
     let result = secp256k1_verify(&hash, &signature, &pubkey);
     let gas_info = GasInfo::with_cost(GAS_COST_VERIFY_SECP256K1_SIGNATURE);
