kvazar/kevacoin
1
0
Fork 0
mirror of https://github.com/kvazar-network/kevacoin.git synced 2025-01-25 22:34:27 +00:00
Code Issues Projects Releases Wiki Activity

Merge #11081: Add length check for CExtKey deserialization (jonasschnelli, guidovranken)

Browse Source 
07685d1 Add length check for CExtKey deserialization (Jonas Schnelli)

Pull request description:

  Fix a potential overwrite or uninitialised data issue.
  That code part is currently unused (at least in Bitcoin Core).
  We already do the same check `CExtPubKey`.

  Reported by @guidovranken

Tree-SHA512: 069ac5335248cf890491bc019537d3b0f7481428a4b240c5cd28ee89b56f4c9f45d947dd626fe89b2fae58472b6dbef57ed909876efe9963e2d72380d17cff12
This commit is contained in:
Wladimir J. van der Laan 2017-08-18 11:27:56 +02:00
commit 9f60b3707d
No known key found for this signature in database
GPG Key ID: 1E4AED62986CD25D
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/key.h
View File

@ -172,6 +172,8 @@ struct CExtKey {
{ {
unsigned int len = ::ReadCompactSize(s); unsigned int len = ::ReadCompactSize(s);
unsigned char code[BIP32_EXTKEY_SIZE]; unsigned char code[BIP32_EXTKEY_SIZE];
if (len != BIP32_EXTKEY_SIZE)
throw std::runtime_error("Invalid extended key size\n");
s.read((char *)&code[0], len); s.read((char *)&code[0], len);
Decode(code); Decode(code);
} }