From 2f4d7e35c93cbf62dc3b8c703e063e6069e7c8cb Mon Sep 17 00:00:00 2001
From: therealyingtong <yingtong@electriccoin.co>
Date: Tue, 30 Jun 2020 05:50:10 +0800
Subject: [PATCH] Throw error in plaintext deserialization

---
 src/zcash/Note.cpp | 59 ++++++++++++++++++++++++++++------------------
 src/zcash/Note.hpp |  7 +++++-
 2 files changed, 42 insertions(+), 24 deletions(-)

diff --git a/src/zcash/Note.cpp b/src/zcash/Note.cpp
index 0b5451238..c23c2f1f1 100644
--- a/src/zcash/Note.cpp
+++ b/src/zcash/Note.cpp
@@ -196,15 +196,18 @@ boost::optional<SaplingOutgoingPlaintext> SaplingOutgoingPlaintext::decrypt(
     }
 
     // Deserialize from the plaintext
-    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
-    ss << pt.get();
-
-    SaplingOutgoingPlaintext ret;
-    ss >> ret;
-
-    assert(ss.size() == 0);
-
-    return ret;
+    try {
+        CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
+        ss << pt.get();
+        SaplingOutgoingPlaintext ret;
+        ss >> ret;
+        assert(ss.size() == 0);
+        return ret;
+    } catch (const boost::thread_interrupted&) {
+        throw;
+    } catch (...) {
+        return boost::none;
+    }
 }
 
 boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::decrypt(
@@ -290,13 +293,18 @@ boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::attempt_sapling_enc_
     };
 
     // Deserialize from the plaintext
-    SaplingNotePlaintext plaintext;
-    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
-    ss << encPlaintext.get();
-    ss >> plaintext;
-    assert(ss.size() == 0);
-
-    return plaintext;
+    SaplingNotePlaintext ret;
+    try {
+        CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
+        ss << encPlaintext.get();
+        ss >> ret;
+        assert(ss.size() == 0);
+        return ret;
+    } catch (const boost::thread_interrupted&) {
+        throw;
+    } catch (...) {
+        return boost::none;
+    }
 }
 
 boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::decrypt(
@@ -384,13 +392,18 @@ boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::attempt_sapling_enc_
     };
 
     // Deserialize from the plaintext
-    SaplingNotePlaintext plaintext;
-    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
-    ss << encPlaintext.get();
-    ss >> plaintext;
-    assert(ss.size() == 0);
-
-    return plaintext;
+    SaplingNotePlaintext ret;
+    try {
+        CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
+        ss << encPlaintext.get();
+        ss >> ret;
+        assert(ss.size() == 0);
+        return ret;
+    } catch (const boost::thread_interrupted&) {
+        throw;
+    } catch (...) {
+        return boost::none;
+    }
 }
 
 boost::optional<SaplingNotePlaintextEncryptionResult> SaplingNotePlaintext::encrypt(const uint256& pk_d) const
diff --git a/src/zcash/Note.hpp b/src/zcash/Note.hpp
index bf667d90e..bc384588a 100644
--- a/src/zcash/Note.hpp
+++ b/src/zcash/Note.hpp
@@ -213,7 +213,12 @@ public:
 
     template <typename Stream, typename Operation>
     inline void SerializationOp(Stream& s, Operation ser_action) {
-        READWRITE(leadbyte);    // 1 byte
+        READWRITE(leadbyte);
+
+        if (leadbyte != 0x01 && leadbyte != 0x02) {
+            throw std::ios_base::failure("lead byte of SaplingNotePlaintext is not recognized");
+        }
+
         READWRITE(d);           // 11 bytes
         READWRITE(value_);      // 8 bytes
         READWRITE(rseed);       // 32 bytes