Skip to content

Commit a2877f7

Browse files
committed
Merge bitcoin/bitcoin#25227: Handle invalid hex encoding in ParseHex
faab273 util: Return empty vector on invalid hex encoding (MarcoFalke) fa3549a test: Add hex parse unit tests (MarcoFalke) Pull request description: Seems a bit confusing to happily accept random bytes and pretend they are hex encoded strings. ACKs for top commit: stickies-v: re-ACK faab273 Tree-SHA512: a808135f744f50aece03d4bf5a71481c7bdca1fcdd0d5b113abdb0c8b382bf81cafee6d17c239041fb49b59f4e19970f24a475378e7f711c3a47d6438de2bdab
2 parents 873dcc1 + faab273 commit a2877f7

File tree

3 files changed

+44
-11
lines changed

3 files changed

+44
-11
lines changed

src/test/util_tests.cpp

Lines changed: 32 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -141,26 +141,52 @@ BOOST_AUTO_TEST_CASE(parse_hex)
141141
// Basic test vector
142142
result = ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f");
143143
BOOST_CHECK_EQUAL_COLLECTIONS(result.begin(), result.end(), expected.begin(), expected.end());
144+
result = TryParseHex<uint8_t>("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f").value();
145+
BOOST_CHECK_EQUAL_COLLECTIONS(result.begin(), result.end(), expected.begin(), expected.end());
144146

145147
// Spaces between bytes must be supported
146148
result = ParseHex("12 34 56 78");
147149
BOOST_CHECK(result.size() == 4 && result[0] == 0x12 && result[1] == 0x34 && result[2] == 0x56 && result[3] == 0x78);
150+
result = TryParseHex<uint8_t>("12 34 56 78").value();
151+
BOOST_CHECK(result.size() == 4 && result[0] == 0x12 && result[1] == 0x34 && result[2] == 0x56 && result[3] == 0x78);
148152

149153
// Leading space must be supported (used in BerkeleyEnvironment::Salvage)
150154
result = ParseHex(" 89 34 56 78");
151155
BOOST_CHECK(result.size() == 4 && result[0] == 0x89 && result[1] == 0x34 && result[2] == 0x56 && result[3] == 0x78);
156+
result = TryParseHex<uint8_t>(" 89 34 56 78").value();
157+
BOOST_CHECK(result.size() == 4 && result[0] == 0x89 && result[1] == 0x34 && result[2] == 0x56 && result[3] == 0x78);
158+
159+
// Mixed case and spaces are supported
160+
result = ParseHex(" Ff aA ");
161+
BOOST_CHECK(result.size() == 2 && result[0] == 0xff && result[1] == 0xaa);
162+
result = TryParseHex<uint8_t>(" Ff aA ").value();
163+
BOOST_CHECK(result.size() == 2 && result[0] == 0xff && result[1] == 0xaa);
152164

153-
// Embedded null is treated as end
165+
// Empty string is supported
166+
result = ParseHex("");
167+
BOOST_CHECK(result.size() == 0);
168+
result = TryParseHex<uint8_t>("").value();
169+
BOOST_CHECK(result.size() == 0);
170+
171+
// Spaces between nibbles is treated as invalid
172+
BOOST_CHECK_EQUAL(ParseHex("AAF F").size(), 0);
173+
BOOST_CHECK(!TryParseHex("AAF F").has_value());
174+
175+
// Embedded null is treated as invalid
154176
const std::string with_embedded_null{" 11 "s
155177
" \0 "
156178
" 22 "s};
157179
BOOST_CHECK_EQUAL(with_embedded_null.size(), 11);
158-
result = ParseHex(with_embedded_null);
159-
BOOST_CHECK(result.size() == 1 && result[0] == 0x11);
180+
BOOST_CHECK_EQUAL(ParseHex(with_embedded_null).size(), 0);
181+
BOOST_CHECK(!TryParseHex(with_embedded_null).has_value());
182+
183+
// Non-hex is treated as invalid
184+
BOOST_CHECK_EQUAL(ParseHex("1234 invalid 1234").size(), 0);
185+
BOOST_CHECK(!TryParseHex("1234 invalid 1234").has_value());
160186

161-
// Stop parsing at invalid value
162-
result = ParseHex("1234 invalid 1234");
163-
BOOST_CHECK(result.size() == 2 && result[0] == 0x12 && result[1] == 0x34);
187+
// Truncated input is treated as invalid
188+
BOOST_CHECK_EQUAL(ParseHex("12 3").size(), 0);
189+
BOOST_CHECK(!TryParseHex("12 3").has_value());
164190
}
165191

166192
BOOST_AUTO_TEST_CASE(util_HexStr)

src/util/strencodings.cpp

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -78,18 +78,19 @@ bool IsHexNumber(std::string_view str)
7878
}
7979

8080
template <typename Byte>
81-
std::vector<Byte> ParseHex(std::string_view str)
81+
std::optional<std::vector<Byte>> TryParseHex(std::string_view str)
8282
{
8383
std::vector<Byte> vch;
8484
auto it = str.begin();
85-
while (it != str.end() && it + 1 != str.end()) {
85+
while (it != str.end()) {
8686
if (IsSpace(*it)) {
8787
++it;
8888
continue;
8989
}
9090
auto c1 = HexDigit(*(it++));
91+
if (it == str.end()) return std::nullopt;
9192
auto c2 = HexDigit(*(it++));
92-
if (c1 < 0 || c2 < 0) break;
93+
if (c1 < 0 || c2 < 0) return std::nullopt;
9394
vch.push_back(Byte(c1 << 4) | Byte(c2));
9495
}
9596
return vch;

src/util/strencodings.h

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,15 @@ enum class ByteUnit : uint64_t {
5757
* @return A new string without unsafe chars
5858
*/
5959
std::string SanitizeString(std::string_view str, int rule = SAFE_CHARS_DEFAULT);
60-
/** Parse the hex string into bytes (uint8_t or std::byte). Ignores whitespace. */
60+
/** Parse the hex string into bytes (uint8_t or std::byte). Ignores whitespace. Returns nullopt on invalid input. */
61+
template <typename Byte = std::byte>
62+
std::optional<std::vector<Byte>> TryParseHex(std::string_view str);
63+
/** Like TryParseHex, but returns an empty vector on invalid input. */
6164
template <typename Byte = uint8_t>
62-
std::vector<Byte> ParseHex(std::string_view str);
65+
std::vector<Byte> ParseHex(std::string_view hex_str)
66+
{
67+
return TryParseHex<Byte>(hex_str).value_or(std::vector<Byte>{});
68+
}
6369
signed char HexDigit(char c);
6470
/* Returns true if each character in str is a hex character, and has an even
6571
* number of hex digits.*/

0 commit comments

Comments
 (0)