commit dfa4b24b7d76fdab387abd35a844712b38325e06
parent 22f9c3212185d394ed5b34faf7c0205024d837f2
Author: Ken Sedgwick <ken@bonsai.com>
Date: Thu, 20 Feb 2025 16:04:29 -0800
check message length before prefix comparisons
Diffstat:
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/crates/enostr/src/relay/message.rs b/crates/enostr/src/relay/message.rs
@@ -78,6 +78,11 @@ impl<'a> RelayMessage<'a> {
return Err(Error::Empty);
}
+ // make sure we can inspect the begning of the message below ...
+ if msg.len() < 12 {
+ return Err(Error::DecodeFailed("message too short".into()));
+ }
+
// Notice
// Relay response format: ["NOTICE", <message>]
if msg.len() >= 12 && &msg[0..=9] == "[\"NOTICE\"," {
@@ -160,6 +165,16 @@ mod tests {
let tests = vec![
// Valid cases
(
+ // shortest valid message
+ r#"["EOSE","x"]"#,
+ Ok(RelayMessage::eose("x")),
+ ),
+ (
+ // also very short
+ r#"["NOTICE",""]"#,
+ Ok(RelayMessage::notice("")),
+ ),
+ (
r#"["NOTICE","Invalid event format!"]"#,
Ok(RelayMessage::notice("Invalid event format!")),
),
@@ -197,11 +212,11 @@ mod tests {
),
(
r#"["EOSE"]"#,
- Err(Error::DecodeFailed("unrecognized message type".into())),
+ Err(Error::DecodeFailed("message too short".into())),
),
(
r#"["NOTICE"]"#,
- Err(Error::DecodeFailed("unrecognized message type".into())),
+ Err(Error::DecodeFailed("message too short".into())),
),
(
r#"["NOTICE": 404]"#,
