diff --git a/crates/consensus/src/transaction/rlp.rs b/crates/consensus/src/transaction/rlp.rs index 4c3a651f958..b3656696867 100644 --- a/crates/consensus/src/transaction/rlp.rs +++ b/crates/consensus/src/transaction/rlp.rs @@ -109,13 +109,19 @@ pub trait RlpEcdsaTx: SignableTransaction + Sized { if !header.list { return Err(alloy_rlp::Error::UnexpectedString); } - let remaining_len = buf.len(); + let remaining = buf.len(); - if header.payload_length > remaining_len { + if header.payload_length > remaining { return Err(alloy_rlp::Error::InputTooShort); } - Self::rlp_decode_fields(buf) + let this = Self::rlp_decode_fields(buf)?; + + if buf.len() + header.payload_length != remaining { + return Err(alloy_rlp::Error::UnexpectedLength); + } + + Ok(this) } /// Decodes the transaction from RLP bytes, including the signature. @@ -185,7 +191,15 @@ pub trait RlpEcdsaTx: SignableTransaction + Sized { if header.list { return Err(alloy_rlp::Error::UnexpectedList.into()); } - Self::eip2718_decode_with_type(buf, ty) + + let remaining = buf.len(); + let res = Self::eip2718_decode_with_type(buf, ty)?; + + if buf.len() + header.payload_length != remaining { + return Err(alloy_rlp::Error::UnexpectedLength.into()); + } + + Ok(res) } /// Decodes the transaction from network bytes, expecting the default type diff --git a/crates/eips/src/eip4844/sidecar.rs b/crates/eips/src/eip4844/sidecar.rs index 62d778810e3..2204c077f80 100644 --- a/crates/eips/src/eip4844/sidecar.rs +++ b/crates/eips/src/eip4844/sidecar.rs @@ -363,7 +363,14 @@ impl BlobTransactionSidecar { if buf.len() < header.payload_length { return Err(alloy_rlp::Error::InputTooShort); } - Self::rlp_decode_fields(buf) + let remaining = buf.len(); + let this = Self::rlp_decode_fields(buf)?; + + if buf.len() + header.payload_length != remaining { + return Err(alloy_rlp::Error::UnexpectedLength); + } + + Ok(this) } }