From fb26bf0ea3822638b10a783f054c280fc053a2b5 Mon Sep 17 00:00:00 2001
From: Patrick Strateman <patrick.strateman@gmail.com>
Date: Sat, 23 Apr 2016 22:21:52 -0700
Subject: [PATCH] CAddrMan::Deserialize handle corrupt serializations better.

---
 src/addrman.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/addrman.h b/src/addrman.h
index 4f3de8d7c..308545045 100644
--- a/src/addrman.h
+++ b/src/addrman.h
@@ -350,6 +350,14 @@ public:
             nUBuckets ^= (1 << 30);
         }
 
+        if (nNew > ADDRMAN_NEW_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE) {
+            throw std::ios_base::failure("Corrupt CAddrMan serialization, nNew exceeds limit.");
+        }
+
+        if (nTried > ADDRMAN_TRIED_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE) {
+            throw std::ios_base::failure("Corrupt CAddrMan serialization, nTried exceeds limit.");
+        }
+
         // Deserialize entries from the new table.
         for (int n = 0; n < nNew; n++) {
             CAddrInfo &info = mapInfo[n];