ChainSafe/discv5

[Crash/Fuzzing] "AssertionError" inside bcrypto library when parsing invalid ENR string.

pventuzelo opened this issue · 1 comments

Describe the bug

When providing a specific string to the discv5.ENR.decodeTxt function, an AssertionError inside bcrypto is triggered (see here).

This bug has been found by the community using beacon-fuzz and reported in our repository here. Kudos to @Buttaa for the finding!!

Steps to Reproduce

enr_typeerror_sig_lodestar.js:

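const discv5 = require("@chainsafe/discv5");
// Hex-encoded ENR text, decoded back to the "enr:..." string printed in the run below
const buf = Buffer.from("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", 'hex').toString();
console.log(buf);
// Throws an AssertionError from bcrypto (see the stack trace below)
discv5.ENR.decodeTxt(buf);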

Run:

$ npm i @chainsafe/discv5

$ nodejs ../beacon-fuzz/enr_typeerror_sig_lodestar.js
enr:-Kv4QAGwOT8StqmwI5LHaIymIO4ooFKfNkEjWa0f1P8OsElgBh2Ijb-GrD_-b9W4kcPFcwyn5HEQmRcqXNqdpVo1heoBh2F0dG5ldHOIAAAAAAAAAACEZXRoMpAAAAAAAAAAAP__________gmlkgnY0gmlwhBLf22SJc2VjcDI1NmsxoQJxCnE6v_x2ekgY_uoE1rtwzvGy40mq9eD66XfHPBWgIIN1ZHCCD6A

/tmp/tess/node_modules/bsert/lib/assert.js:84
    throw new AssertionError({
    ^

AssertionError [ERR_ASSERTION]: Assertion failed.
    at ECDSA.verify (/tmp/tess/node_modules/bcrypto/lib/js/ecdsa.js:600:5)
    at Object.verify (/tmp/tess/node_modules/@chainsafe/discv5/lib/enr/v4.js:23:22)
    at Map.verify (/tmp/tess/node_modules/@chainsafe/discv5/lib/enr/enr.js:197:19)
    at Function.decodeFromValues (/tmp/tess/node_modules/@chainsafe/discv5/lib/enr/enr.js:55:18)
    at Function.decode (/tmp/tess/node_modules/@chainsafe/discv5/lib/enr/enr.js:62:20)
    at Function.decodeTxt (/tmp/tess/node_modules/@chainsafe/discv5/lib/enr/enr.js:68:20)
    at Object.<anonymous> (/tmp/tess/titi.js:4:12)
    at Module._compile (internal/modules/cjs/loader.js:1256:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1277:10)
    at Module.load (internal/modules/cjs/loader.js:1105:32) {
  type: 'AssertionError',
  code: 'ERR_ASSERTION',
  generatedMessage: true,
  actual: false,
  expected: true,
  operator: '=='
}

Desktop (please complete the following information):

I've updated the issue since, on the last version of nodejs, this bug triggers the "Assertion error".
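
Added example, not part of the original report or of ChainSafe/discv5: the record printed above decodes to bytes beginning f8 ab f8 40, so its first item (the signature) is encoded as an RLP list (0xf8) rather than a byte string (0xb8). The sketch below rejects that shape before any signature verification runs. The names checkEnrText and rlpHeader are hypothetical, and it assumes the v4 identity scheme (64-byte signature) and the 300-byte record limit from EIP-778.

```javascript
// Added example, not ChainSafe/discv5 code: structural pre-check for ENR text.
const MAX_ENR_BYTES = 300; // record size limit from EIP-778

// Read one RLP header at `off`; returns null if the item does not fit in `buf`.
function rlpHeader(buf, off) {
  if (off >= buf.length) return null;
  const b = buf[off];
  if (b < 0x80) return { isList: false, start: off, end: off + 1 };
  const isList = b >= 0xc0;
  let len = b - (isList ? 0xc0 : 0x80);
  let start = off + 1;
  if (len > 55) { // long form: the next (len - 55) bytes hold the real length
    const n = len - 55;
    if (n > 2 || start + n > buf.length) return null; // 300 bytes needs at most 2
    len = buf.readUIntBE(start, n);
    start += n;
  }
  const end = start + len;
  return end <= buf.length ? { isList, start, end } : null;
}

// Returns { ok: true, items } or { ok: false, reason }; never throws on string input.
function checkEnrText(text) {
  const reject = (reason) => ({ ok: false, reason });
  if (typeof text !== "string" || !text.startsWith("enr:")) return reject("missing enr: prefix");
  const body = text.slice(4);
  if (!/^[A-Za-z0-9_-]+$/.test(body)) return reject("body is not base64url");
  const buf = Buffer.from(body.replace(/-/g, "+").replace(/_/g, "/"), "base64");
  if (buf.length > MAX_ENR_BYTES) return reject("record exceeds 300 bytes");
  const outer = rlpHeader(buf, 0);
  if (!outer || !outer.isList || outer.end !== buf.length) return reject("not one complete RLP list");
  let off = outer.start, index = 0;
  while (off < outer.end) {
    const item = rlpHeader(buf, off);
    if (!item || item.end > outer.end) return reject(`item ${index} is truncated`);
    // Signature (0), seq (1) and keys (even indexes) are byte strings; values may be any RLP.
    const mustBeString = index < 2 || index % 2 === 0;
    if (item.isList && mustBeString) return reject(`item ${index} is an RLP list, expected a byte string`);
    // Assumption: "v4" identity scheme, whose signature is 64 bytes (r || s).
    if (index === 0 && item.end - item.start !== 64) return reject("signature is not 64 bytes");
    off = item.end;
    index++;
  }
  if (index < 2 || index % 2 !== 0) return reject("expected signature, seq and key/value pairs");
  return { ok: true, items: index };
}

// The record printed in the report above, copied as-is.
const REPORTED = "enr:-Kv4QAGwOT8StqmwI5LHaIymIO4ooFKfNkEjWa0f1P8OsElgBh2Ijb-GrD_-b9W4kcPFcwyn5HEQmRcqXNqdpVo1heoBh2F0dG5ldHOIAAAAAAAAAACEZXRoMpAAAAAAAAAAAP__________gmlkgnY0gmlwhBLf22SJc2VjcDI1NmsxoQJxCnE6v_x2ekgY_uoE1rtwzvGy40mq9eD66XfHPBWgIIN1ZHCCD6A";
console.log(checkEnrText(REPORTED));
```

A check like this belongs in front of ENR.decodeTxt for peer-supplied text, with the decode call itself still wrapped in try/catch so that any exception is handled as an invalid record.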