From 08f938feb8847f9754747655637108472869ce9f Mon Sep 17 00:00:00 2001 From: Vicky Date: Sat, 14 Feb 2026 02:44:26 +0800 Subject: [PATCH] crypto: add hash length check in nocgo VerifySignature --- crypto/signature_nocgo.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/signature_nocgo.go b/crypto/signature_nocgo.go index 9dce1057fa..0f7aac54a8 100644 --- a/crypto/signature_nocgo.go +++ b/crypto/signature_nocgo.go @@ -103,7 +103,7 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) { // The public key should be in compressed (33 bytes) or uncompressed (65 bytes) format. // The signature should have the 64 byte [R || S] format. func VerifySignature(pubkey, hash, signature []byte) bool { - if len(signature) != 64 { + if len(signature) != 64 || len(hash) != DigestLength { return false } var r, s secp256k1.ModNScalar