From 07685d1bc1b0b815c00a68a5b7b335ffa0d4d90d Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Thu, 17 Aug 2017 21:54:23 +0200 Subject: [PATCH] Add length check for CExtKey deserialization --- src/key.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/key.h b/src/key.h index 2c6f15172..151e63531 100644 --- a/src/key.h +++ b/src/key.h @@ -172,6 +172,8 @@ struct CExtKey { { unsigned int len = ::ReadCompactSize(s); unsigned char code[BIP32_EXTKEY_SIZE]; + if (len != BIP32_EXTKEY_SIZE) + throw std::runtime_error("Invalid extended key size\n"); s.read((char *)&code[0], len); Decode(code); }