diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-02-08 11:41:39 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-02-08 12:30:21 +0100 |
| commit | 6fc656a410b6fa469be258414f1e26cd4b6025af (patch) | |
| tree | 4813191e90ece4956a1e0c95ff459cb2cf1b142a /src | |
| parent | b9b26d9c3615d15669ae0a049c1dede39a9e59a9 (diff) | |
| parent | d855e4cac8303ad4e34ac31cfa7634286589ce99 (diff) | |
| download | bitcoin-6fc656a410b6fa469be258414f1e26cd4b6025af.tar.xz | |
Merge #14242: Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...)
d855e4cac8303ad4e34ac31cfa7634286589ce99 Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift)
Pull request description:
Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`.
Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html)
Steps to reproduce:
```
./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py
```
Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
Diffstat (limited to 'src')
| -rw-r--r-- | src/key_io.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/key_io.cpp b/src/key_io.cpp index d998089535..1d53a5e074 100644 --- a/src/key_io.cpp +++ b/src/key_io.cpp @@ -142,7 +142,9 @@ CKey DecodeSecret(const std::string& str) key.Set(data.begin() + privkey_prefix.size(), data.begin() + privkey_prefix.size() + 32, compressed); } } - memory_cleanse(data.data(), data.size()); + if (!data.empty()) { + memory_cleanse(data.data(), data.size()); + } return key; } |