From 44b884ae1acc2d6b4e404b3dd3fae5d248fa3e9a Mon Sep 17 00:00:00 2001
From: Alper Gundogdu
Date: Fri, 5 Sep 2025 15:59:36 +0300
Subject: [PATCH 1/2] Check bounds in verify_full function to prevent panics
---
 src/verify.rs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/verify.rs b/src/verify.rs
index a6f0cf3..c362f0b 100644
--- a/src/verify.rs
+++ b/src/verify.rs
@@ -74,14 +74,19 @@ pub fn verify_full(
 verify_full_p2tr(address, message, to_sign, pub_key)
 }
 AddressData::Segwit { witness_program }
- if witness_program.version().to_num() == 0 && witness_program.program().len() == 20 =>
+ if witness_program.version().to_num() == 0
+ && witness_program.program().len() == 20
+ && to_sign.input.len() > 0
+ && to_sign.input[0].witness.len() > 1 =>
 {
 let pub_key =
 PublicKey::from_slice(&to_sign.input[0].witness[1]).map_err(|_| Error::InvalidPublicKey)?;

 verify_full_p2wpkh(address, message, to_sign, pub_key, false)
 }
- AddressData::P2sh { script_hash: _ } => {
+ AddressData::P2sh { script_hash: _ }
+ if to_sign.input.len() > 0 && to_sign.input[0].witness.len() > 1 =>
+ {
 let pub_key =
 PublicKey::from_slice(&to_sign.input[0].witness[1]).map_err(|_| Error::InvalidPublicKey)?;

From e8e305a711007befadf64d1c5b98286e9c34bbc4 Mon Sep 17 00:00:00 2001
From: raphjaph
Date: Fri, 5 Sep 2025 09:16:41 -0400
Subject: [PATCH 2/2] Placate clippy
---
 src/verify.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/verify.rs b/src/verify.rs
index c362f0b..acb0113 100644
--- a/src/verify.rs
+++ b/src/verify.rs
@@ -76,7 +76,7 @@ pub fn verify_full(
 AddressData::Segwit { witness_program }
 if witness_program.version().to_num() == 0
 && witness_program.program().len() == 20
- && to_sign.input.len() > 0
+ && !to_sign.input.is_empty()
 && to_sign.input[0].witness.len() > 1 =>
 {
 let pub_key =
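Review bot: Putting the length checks in the match guards of the `Segwit` and `P2sh` arms means a transaction with no inputs or a witness shorter than two items skips those arms entirely, so the caller gets whatever the later arms of `verify_full` return (they are outside this hunk), presumably an unsupported-address style error rather than one that says the witness is malformed. Doing the checked access inside each arm keeps the failure specific and removes the remaining `[0]`/`[1]` indexing, e.g. `let pk = to_sign.input.first().and_then(|i| i.witness.nth(1)).ok_or(Error::InvalidPublicKey)?;` followed by `PublicKey::from_slice(pk)`. The guard also accepts any witness with more than one item; if exactly two are expected for P2WPKH, confirm that `verify_full_p2wpkh` rejects extras. The diffstat touches only `src/verify.rs`, so a regression test that feeds an empty `input` and a one-item witness would pin the no-panic behaviour.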
@@ -85,7 +85,7 @@ pub fn verify_full(
 verify_full_p2wpkh(address, message, to_sign, pub_key, false)
 }
 AddressData::P2sh { script_hash: _ }
- if to_sign.input.len() > 0 && to_sign.input[0].witness.len() > 1 =>
+ if !to_sign.input.is_empty() && to_sign.input[0].witness.len() > 1 =>
 {
 let pub_key =
 PublicKey::from_slice(&to_sign.input[0].witness[1]).map_err(|_| Error::InvalidPublicKey)?;