aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2017-08-18 11:27:56 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2017-08-18 11:28:15 +0200
commit9f60b3707d1ecf96b6340b2093b8a8fabcd77e74 (patch)
treeb772bff2a4a25fb00d1affaebd77574b0d2cc2d3 /src
parentc58128f189929e8efbf98456df3451e448aaa603 (diff)
parent07685d1bc1b0b815c00a68a5b7b335ffa0d4d90d (diff)
Merge #11081: Add length check for CExtKey deserialization (jonasschnelli, guidovranken)
07685d1 Add length check for CExtKey deserialization (Jonas Schnelli) Pull request description: Fix a potential overwrite or uninitialised data issue. That code part is currently unused (at least in Bitcoin Core). We already do the same check `CExtPubKey`. Reported by @guidovranken Tree-SHA512: 069ac5335248cf890491bc019537d3b0f7481428a4b240c5cd28ee89b56f4c9f45d947dd626fe89b2fae58472b6dbef57ed909876efe9963e2d72380d17cff12
Diffstat (limited to 'src')
-rw-r--r--src/key.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/key.h b/src/key.h
index 2c6f151727..151e63531b 100644
--- a/src/key.h
+++ b/src/key.h
@@ -172,6 +172,8 @@ struct CExtKey {
{
unsigned int len = ::ReadCompactSize(s);
unsigned char code[BIP32_EXTKEY_SIZE];
+ if (len != BIP32_EXTKEY_SIZE)
+ throw std::runtime_error("Invalid extended key size\n");
s.read((char *)&code[0], len);
Decode(code);
}