Browse Source

Add length check for CExtKey deserialization

Github-Pull: #11081
Rebased-From: 07685d1bc1
Tree-SHA512: 7f6b9ca6714d059d500531eb842c1c25edfa04ecba0ea1d9a28010fced657c066cea67d2016bbaa9b96c431a05ca9c0dcf2ba301898ecf96a65a4e01aac7fae9
0.15
Jonas Schnelli 7 years ago committed by Wladimir J. van der Laan
parent
commit
9fe1f6bd89
No known key found for this signature in database
GPG Key ID: 1E4AED62986CD25D
  1. 2
      src/key.h

2
src/key.h

@ -172,6 +172,8 @@ struct CExtKey {
{ {
unsigned int len = ::ReadCompactSize(s); unsigned int len = ::ReadCompactSize(s);
unsigned char code[BIP32_EXTKEY_SIZE]; unsigned char code[BIP32_EXTKEY_SIZE];
if (len != BIP32_EXTKEY_SIZE)
throw std::runtime_error("Invalid extended key size\n");
s.read((char *)&code[0], len); s.read((char *)&code[0], len);
Decode(code); Decode(code);
} }

Loading…
Cancel
Save