From 5a5d26d6123e0056656e406cd9f35aac6f71df4b Mon Sep 17 00:00:00 2001
From: Ava Chow <github@achow101.com>
Date: Wed, 5 Mar 2025 11:35:04 -0800
Subject: [PATCH] psbt: Require ECDSA signatures to be validly encoded

Needed for later validation of sighash types.
---
 src/psbt.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/psbt.h b/src/psbt.h
index dd7b02dc607..a23c120ed17 100644
--- a/src/psbt.h
+++ b/src/psbt.h
@@ -520,6 +520,11 @@ struct PSBTInput
                     std::vector<unsigned char> sig;
                     s >> sig;
 
+                    // Check that the signature is validly encoded
+                    if (sig.empty() || !CheckSignatureEncoding(sig, SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_STRICTENC, nullptr)) {
+                        throw std::ios_base::failure("Signature is not a valid encoding");
+                    }
+
                     // Add to list
                     partial_sigs.emplace(pubkey.GetID(), SigPair(pubkey, std::move(sig)));
                     break;