bitcoinfuzz icon indicating copy to clipboard operation
bitcoinfuzz copied to clipboard

Published 20 hours ago verified publisher icon brunoerg

addrv2: rust-bitcoin returns invalid torv2 address

Open brunoerg opened this issue 8 months ago • 3 comments

I just got a crash in addrv2 (https://github.com/brunoerg/bitcoinfuzz/pull/48) target because when deserializing addrv2 addresses rust-bitcoin checks whether TorV2 address is valid and throws an error if it is invalid. However, when deserializing an addrv2, Bitcoin Core doesn't validate TorV2 anymore (Core removed support for torv2 - https://github.com/bitcoin/bitcoin/pull/22050) and simply ignore it. So, the message is valid but the addr is ignored.

3 => {
    if len != 10 {
        return Err(encode::Error::ParseFailed("Invalid TorV2 address"));
    }
    let id = Decodable::consensus_decode(r)?;
    AddrV2::TorV2(id)
}

However, it might be an issue in Bitcoin Core, because even not supporting torv2, it should validate the length according to the BIP.

brunoerg avatar Jun 26 '24 16:06 brunoerg