Too long hex strings (correct length + 1) are accepted as valid arguments to hash160/ripemd160/hash256/sha256 in policies #23
Description
Too long hex strings (correct length + 1) are accepted as valid arguments to hash160/ripemd160/hash256/sha256 in policies.
For hash160 and ripemd160:
40 char hex is valid as expected:
$./miniscript <<< "hash160(1234567890123456789012345678901234567890)"
0 scriptlen=27 maxops=4 type=B safe=no nonmal=yes dissat=yes input=1n output=1 miniscript=hash160(1234567890123456789012345678901234567890)
41 char hex is unexpectedly valid:
$ ./miniscript <<< "hash160(12345678901234567890123456789012345678901)"
0 scriptlen=27 maxops=4 type=B safe=no nonmal=yes dissat=yes input=1n output=1 miniscript=hash160(12345678901234567890123456789012345678901)
42 char hex is invalid as expected:
$ ./miniscript <<< "hash160(123456789012345678901234567890123456789012)"
Failed to parse as policy or miniscript 'hash160(123456789012345678901234567890123456789012)'
For hash256 and sha256:
64 char hex is valid as expected:
$ ./miniscript <<< "hash256(1234567890123456789012345678901234567890123456789012345678901234)"
0 scriptlen=39 maxops=4 type=B safe=no nonmal=yes dissat=yes input=1n output=1 miniscript=hash256(1234567890123456789012345678901234567890123456789012345678901234)
65 char hex is unexpectedly valid:
$ ./miniscript <<< "hash256(12345678901234567890123456789012345678901234567890123456789012345)"
66 char hex is invalid as expected:
$ ./miniscript <<< "hash256(123456789012345678901234567890123456789012345678901234567890123456)"