Bound RTM Base58/Bech32 address input lengths to mitigate DoS by MoneroOcean · Pull Request #23 · MoneroOcean/node-blocktemplate

MoneroOcean · 2026-05-29T17:19:06Z

Prevent untrusted daemon-supplied RTM payee addresses from triggering unbounded BigInt work, large buffer allocations, or event-loop/blocking by rejecting overlong inputs before decoding.

Add MAX_BASE58_ADDRESS_LENGTH and MAX_BECH32_ADDRESS_LENGTH constants and an early length check in decodeBase58Check to reject excessively long Base58 inputs before performing BigInt arithmetic.
Add an early length check in addressToScript to reject overlong addresses before attempting Base58 or Bech32 decoding, leaving valid address handling unchanged.

Inspected the rtm.js diff to confirm only minimal length checks were added around decodeBase58Check and addressToScript, and no other logic was changed.
Attempted to load rtm.js with Node (require('./rtm.js')) but runtime execution could not be completed in this environment because the bech32 dependency is not installed, so full dynamic tests were not run.

Limit RTM address decode input lengths

9ffafeb

MoneroOcean added aardvark codex labels May 29, 2026 — with ChatGPT Codex Connector

MoneroOcean merged commit 49d756e into master May 29, 2026
3 checks passed

MoneroOcean deleted the codex/fix-unbounded-bigint-base58-decoder branch May 29, 2026 18:09

Provide feedback