Merge rust-bitcoin/rust-bitcoin#2970: bip152: check if indexes do not overflow

837f466f72 bip152: check if indexes do not overflow (Bruno Garcia)

Pull request description:

  When deserializing a `HeaderAndShortIds` we could check if the number of txs does not overflow 16 bits. If so, throw an error.

ACKs for top commit:
  apoelstra:
    ACK 837f466f72
  Kixunil:
    ACK 837f466f72

Tree-SHA512: 21797689758ae22666289cde123e3e9ae1bdb1ab2f85a1cd0f07ee8fa2a441e7b1b928f30b8fb1f65aef0c526c899eb96b83ed4fff074e70b31e0afad2c35930

bitcoin/src/bip152.rs

@@ -158,7 +158,32 @@ pub struct HeaderAndShortIds {
     ///  which we expect a peer may be missing.
     pub prefilled_txs: Vec<PrefilledTransaction>,
 }
-impl_consensus_encoding!(HeaderAndShortIds, header, nonce, short_ids, prefilled_txs);
+
+impl Decodable for HeaderAndShortIds {
+    fn consensus_decode<R: BufRead + ?Sized>(r: &mut R) -> Result<Self, encode::Error> {
+        let header_short_ids = HeaderAndShortIds {
+            header: Decodable::consensus_decode(r)?,
+            nonce: Decodable::consensus_decode(r)?,
+            short_ids: Decodable::consensus_decode(r)?,
+            prefilled_txs: Decodable::consensus_decode(r)?
+        };
+        match header_short_ids.short_ids.len().checked_add(header_short_ids.prefilled_txs.len()) {
+            Some(x) if x <= u16::MAX.into() => Ok(header_short_ids),
+            _ => Err(encode::Error::ParseFailed("indexes overflowed 16 bits")),
+        }
+    }
+}
+
+impl Encodable for HeaderAndShortIds {
+    fn consensus_encode<W: Write + ?Sized>(&self, w: &mut W) -> Result<usize, io::Error> {
+        let mut len = 0;
+        len += self.header.consensus_encode(w)?;
+        len += self.nonce.consensus_encode(w)?;
+        len += self.short_ids.consensus_encode(w)?;
+        len += self.prefilled_txs.consensus_encode(w)?;
+        Ok(len)
+    }
+}
 
 impl HeaderAndShortIds {
     /// Creates a new [`HeaderAndShortIds`] from a full block.