Qortal/altcoinj
3
0
Fork 0
mirror of https://github.com/Qortal/altcoinj.git synced 2025-01-30 23:02:15 +00:00
Code Issues Projects Releases Wiki Activity

Restrict scope of NPE check for Bouncy Castle bug.

Browse Source
This commit is contained in:
Mike Hearn 2013-02-21 14:42:04 +01:00
parent 85c9950d9e
commit 3680c7f52f
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
core/src/main/java/com/google/bitcoin/core/ECKey.java
View File

@ -323,12 +323,17 @@ public class ECKey implements Serializable {
// OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be
// Thus, we always use the positive versions. // Thus, we always use the positive versions.
// See: http://r6.ca/blog/20111119T211504Z.html // See: http://r6.ca/blog/20111119T211504Z.html
try {
return signer.verifySignature(data, r.getPositiveValue(), s.getPositiveValue()); return signer.verifySignature(data, r.getPositiveValue(), s.getPositiveValue());
} catch (NullPointerException e) {
// Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures. Those signatures
// are inherently invalid/attack sigs so we just fail them here rather than crash the thread.
System.err.println("Caught NPE inside bouncy castle: " + e);
e.printStackTrace();
return false;
}
} catch (IOException e) { } catch (IOException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} catch (NullPointerException e) {
// Bug in BouncyCastle can cause this for invalid signatures.
return false;
} }
} }