Add length check for CExtKey deserialization

Github-Pull: #11081 Rebased-From: 07685d1bc1 Tree-SHA512: 7f6b9ca6714d059d500531eb842c1c25edfa04ecba0ea1d9a28010fced657c066cea67d2016bbaa9b96c431a05ca9c0dcf2ba301898ecf96a65a4e01aac7fae9
7 years ago · 9fe1f6bd89
1 changed files with 2 additions and 0 deletions
--- a/src/key.h
+++ b/src/key.h
@ -172,6 +172,8 @@ struct CExtKey {
				@@ -172,6 +172,8 @@ struct CExtKey {
    {
        unsigned int len = ::ReadCompactSize(s);
        unsigned char code[BIP32_EXTKEY_SIZE];
+        if (len != BIP32_EXTKEY_SIZE)
+            throw std::runtime_error("Invalid extended key size\n");
        s.read((char *)&code[0], len);
        Decode(code);
    }