diff options
| author | Andrew Chow <achow101-github@achow101.com> | 2019-10-15 17:26:46 -0400 |
|---|---|---|
| committer | Andrew Chow <achow101-github@achow101.com> | 2020-01-06 12:57:21 -0500 |
| commit | deaa6dd144f5650b385658a0c4f9a014aff8dde2 (patch) | |
| tree | 21470cf99b54531eb03c5143cc3400e0495fdbfa /src/psbt.cpp | |
| parent | f1ef7f0aa46338f4cd8de79696027a1bf868f359 (diff) | |
| download | bitcoin-deaa6dd144f5650b385658a0c4f9a014aff8dde2.tar.xz | |
psbt: check output index is within bounds before accessing
Diffstat (limited to 'src/psbt.cpp')
| -rw-r--r-- | src/psbt.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/psbt.cpp b/src/psbt.cpp index 9ede62efdf..ed32465872 100644 --- a/src/psbt.cpp +++ b/src/psbt.cpp @@ -66,8 +66,11 @@ bool PartiallySignedTransaction::AddOutput(const CTxOut& txout, const PSBTOutput bool PartiallySignedTransaction::GetInputUTXO(CTxOut& utxo, int input_index) const { PSBTInput input = inputs[input_index]; - int prevout_index = tx->vin[input_index].prevout.n; + uint32_t prevout_index = tx->vin[input_index].prevout.n; if (input.non_witness_utxo) { + if (prevout_index >= input.non_witness_utxo->vout.size()) { + return false; + } utxo = input.non_witness_utxo->vout[prevout_index]; } else if (!input.witness_utxo.IsNull()) { utxo = input.witness_utxo; @@ -255,6 +258,9 @@ bool SignPSBTInput(const SigningProvider& provider, PartiallySignedTransaction& if (input.non_witness_utxo) { // If we're taking our information from a non-witness UTXO, verify that it matches the prevout. COutPoint prevout = tx.vin[index].prevout; + if (prevout.n >= input.non_witness_utxo->vout.size()) { + return false; + } if (input.non_witness_utxo->GetHash() != prevout.hash) { return false; } |