decode: Add empty data check

Currently we index into the data field without first checking it is not empty. For context, the indexing is done _before_ we do segwit validity checks which check for correct data lengths. This is a real noob bug , bad Tobin - no biscuit. Add a check for the empty array before indexing into it.
tcharding · Sep 18, 2023 · e73c483 · e73c483
1 parent dcdbffc
commit e73c483
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/primitives/decode.rs b/src/primitives/decode.rs
@@ -368,6 +368,10 @@ impl<'s> SegwitHrpstring<'s> {
     pub fn new(s: &'s str) -> Result<Self, SegwitHrpstringError> {
         let unchecked = UncheckedHrpstring::new(s)?;
 
+        if unchecked.data.is_empty() {
+            return Err(SegwitHrpstringError::MissingWitnessVersion);
+        }
+
         // Unwrap ok since check_characters (in `Self::new`) checked the bech32-ness of this char.
         let witness_version = Fe32::from_char(unchecked.data[0].into()).unwrap();
         if witness_version.to_u8() > 16 {