electrum

Electrum Bitcoin wallet
git clone https://git.parazyd.org/electrum
Log | Files | Refs | Submodules
commit f04e5fbed6a572bb68482f757d76332918df2070
parent a8e6eaa247a7a21cba1d23bf72ae9799cbc0cd73
Author: SomberNight <somber.night@protonmail.com>
Date:   Thu, 22 Nov 2018 18:21:19 +0100

crypto: fix pkcs7 padding check

related: ricmoo/pyaes#22

in practice, the only strings we would incorrectly accept are
(certain length of) all zero bytes

Diffstat:

Melectrum/crypto.py | 4++--


1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/electrum/crypto.py b/electrum/crypto.py
@@ -55,8 +55,8 @@ def strip_PKCS7_padding(data: bytes) -> bytes:
     if len(data) % 16 != 0 or len(data) == 0:
         raise InvalidPadding("invalid length")
     padlen = data[-1]
-    if padlen > 16:
-        raise InvalidPadding("invalid padding byte (large)")
+    if not (0 < padlen <= 16):
+        raise InvalidPadding("invalid padding byte (out of range)")
     for i in data[-padlen:]:
         if i != padlen:
             raise InvalidPadding("invalid padding byte (inconsistent)")