aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSebastian Falbesoner <sebastian.falbesoner@gmail.com>2020-10-22 03:05:11 +0200
committerSebastian Falbesoner <sebastian.falbesoner@gmail.com>2020-10-22 03:39:55 +0200
commit56a461f72796ca60de28e78f144741eb1a4f5213 (patch)
treee22562f010dbc8f0846187e4ef9447f7ec68d9d8 /src
parentdda18e7310a202a8aa46c95279446131659f91c5 (diff)
wallet: fix buffer over-read in SQLite file magic check
If there is no terminating zero within the 16 magic bytes, the buffer would be over-read in the std::string constructor. Fixed by using the "from buffer" variant of the ctor (that also takes a size) rather than the "from c-string" variant.
Diffstat (limited to 'src')
-rw-r--r--src/wallet/sqlite.cpp4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/wallet/sqlite.cpp b/src/wallet/sqlite.cpp
index 02a161ecbd..6d2fdbe58b 100644
--- a/src/wallet/sqlite.cpp
+++ b/src/wallet/sqlite.cpp
@@ -619,8 +619,8 @@ bool IsSQLiteFile(const fs::path& path)
file.close();
// Check the magic, see https://sqlite.org/fileformat2.html
- std::string magic_str(magic);
- if (magic_str != std::string("SQLite format 3")) {
+ std::string magic_str(magic, 16);
+ if (magic_str != std::string("SQLite format 3", 16)) {
return false;
}