Improve Miniscript robustness

Author: sanket1729

src/expression.rs

@@ -20,6 +20,8 @@ use std::str::FromStr;
 use errstr;
 use Error;
 
+use MAX_RECURSION_DEPTH;
+
 #[derive(Debug)]
 /// A token of the form `x(...)` or `x`
 pub struct Tree<'a> {
@@ -34,7 +36,14 @@ pub trait FromTree: Sized {
 }
 
 impl<'a> Tree<'a> {
-    fn from_slice(mut sl: &'a str) -> Result<(Tree<'a>, &'a str), Error> {
+    fn from_slice(sl: &'a str) -> Result<(Tree<'a>, &'a str), Error> {
+        Self::from_slice_helper(sl, 0u32)
+    }
+
+    fn from_slice_helper(mut sl: &'a str, depth: u32) -> Result<(Tree<'a>, &'a str), Error> {
+        if depth >= MAX_RECURSION_DEPTH {
+            return Err(Error::MaxRecursiveDepthExceeded);
+        }
         enum Found {
             Nothing,
             Lparen(usize),
@@ -87,7 +96,7 @@ impl<'a> Tree<'a> {
 
                 sl = &sl[n + 1..];
                 loop {
-                    let (arg, new_sl) = Tree::from_slice(sl)?;
+                    let (arg, new_sl) = Tree::from_slice_helper(sl, depth + 1)?;
                     ret.args.push(arg);
 
                     if new_sl.is_empty() {

src/lib.rs

@@ -331,6 +331,10 @@ pub enum Error {
     ///Incorrect Script pubkey Hash for the descriptor. This is used for both
     /// `Sh` and `Wsh` descriptors
     IncorrectScriptHash,
+    /// Recursion depth exceeded when parsing policy/miniscript from string
+    MaxRecursiveDepthExceeded,
+    /// Recursion depth exceeded when parsing policy/miniscript from string
+    ScriptSizeTooLarge,
 }
 
 #[doc(hidden)]
@@ -361,6 +365,11 @@ impl error::Error for Error {
     }
 }
 
+// https://github.com/sipa/miniscript/pull/5 for discussion on this number
+const MAX_RECURSION_DEPTH: u32 = 402;
+// https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki
+const MAX_SCRIPT_SIZE: u32 = 10000;
+
 impl fmt::Display for Error {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         match *self {
@@ -413,6 +422,16 @@ impl fmt::Display for Error {
             Error::IncorrectPubkeyHash => {
                 f.write_str("Incorrect pubkey hash for given descriptor pkh/wpkh")
             }
+            Error::MaxRecursiveDepthExceeded => write!(
+                f,
+                "Recusive depth over {} not permitted",
+                MAX_RECURSION_DEPTH
+            ),
+            Error::ScriptSizeTooLarge => write!(
+                f,
+                "Standardness rules imply bitcoin than {} bytes",
+                MAX_SCRIPT_SIZE
+            ),
         }
     }
 }

src/miniscript/mod.rs

@@ -128,6 +128,8 @@ impl<Pk: MiniscriptKey> Miniscript<Pk> {
 impl Miniscript<bitcoin::PublicKey> {
     /// Attempt to parse a script into a Miniscript representation
     pub fn parse(script: &script::Script) -> Result<Miniscript<bitcoin::PublicKey>, Error> {
+        // Transactions more than 100Kb are non-standard
+        if script.len() > 10000 {}
         let tokens = lex(script)?;
         let mut iter = TokenIter::new(tokens);