Merge pull request #2884 from gavinandresen/canonicalsizes2

Reject non-canonically-encoded CompactSize
author: Gavin Andresen <gavinandresen@gmail.com> 2013-10-19 23:03:04 -0700
committer: Gavin Andresen <gavinandresen@gmail.com> 2013-10-19 23:03:04 -0700
commit: f90b690a0d5fb147080da4ecdab1a99ce0b72042 (patch)
tree: 4a2cf254e83d5a26e343a41b5160e06944699dc5 /src/serialize.h
parent: d3b0fa1d82d0883f2e18e95b91125dd19659a17a (diff)
parent: 8dc206a1e2715be83912e039465a049b708b94c1 (diff)
download: bitcoin-f90b690a0d5fb147080da4ecdab1a99ce0b72042.tar.xz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/serialize.h b/src/serialize.h
index e3d9939bcc..ca3c962240 100644
--- a/src/serialize.h
+++ b/src/serialize.h
@@ -216,18 +216,24 @@ uint64 ReadCompactSize(Stream& is)
         unsigned short xSize;
         READDATA(is, xSize);
         nSizeRet = xSize;
+        if (nSizeRet < 253)
+            throw std::ios_base::failure("non-canonical ReadCompactSize()");
     }
     else if (chSize == 254)
     {
         unsigned int xSize;
         READDATA(is, xSize);
         nSizeRet = xSize;
+        if (nSizeRet < 0x10000u)
+            throw std::ios_base::failure("non-canonical ReadCompactSize()");
     }
     else
     {
         uint64 xSize;
         READDATA(is, xSize);
         nSizeRet = xSize;
+        if (nSizeRet < 0x100000000LLu)
+            throw std::ios_base::failure("non-canonical ReadCompactSize()");
     }
     if (nSizeRet > (uint64)MAX_SIZE)
         throw std::ios_base::failure("ReadCompactSize() : size too large");
author	Gavin Andresen <gavinandresen@gmail.com>	2013-10-19 23:03:04 -0700
committer	Gavin Andresen <gavinandresen@gmail.com>	2013-10-19 23:03:04 -0700
commit	f90b690a0d5fb147080da4ecdab1a99ce0b72042 (patch)
tree	4a2cf254e83d5a26e343a41b5160e06944699dc5 /src/serialize.h
parent	d3b0fa1d82d0883f2e18e95b91125dd19659a17a (diff)
parent	8dc206a1e2715be83912e039465a049b708b94c1 (diff)
download	bitcoin-f90b690a0d5fb147080da4ecdab1a99ce0b72042.tar.xz