Merge #11081: Add length check for CExtKey deserialization (jonasschnelli, guidovranken)

07685d1 Add length check for CExtKey deserialization (Jonas Schnelli) Pull request description: Fix a potential overwrite or uninitialised data issue. That code part is currently unused (at least in Bitcoin Core). We already do the same check `CExtPubKey`. Reported by @guidovranken Tree-SHA512: 069ac5335248cf890491bc019537d3b0f7481428a4b240c5cd28ee89b56f4c9f45d947dd626fe89b2fae58472b6dbef57ed909876efe9963e2d72380d17cff12
7 years ago · 9f60b3707d
1 changed files with 2 additions and 0 deletions
--- a/src/key.h
+++ b/src/key.h
@ -172,6 +172,8 @@ struct CExtKey {
				@@ -172,6 +172,8 @@ struct CExtKey {
    {
        unsigned int len = ::ReadCompactSize(s);
        unsigned char code[BIP32_EXTKEY_SIZE];
+        if (len != BIP32_EXTKEY_SIZE)
+            throw std::runtime_error("Invalid extended key size\n");
        s.read((char *)&code[0], len);
        Decode(code);
    }