mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-01-12 04:42:36 -03:00
Merge bitcoin/bitcoin#25700: psbt: Fix unsigned integer overflow
4fa79837adpsbt: Fix unsigned integer overflow (Aurèle Oulès) Pull request description: Fixes #25692. This change prevents an unsigned integer overflow during the deserialization of a PSBT. ACKs for top commit: achow101: ACK4fa79837adTree-SHA512: 0863d4d31ada1ba50632b6a66cb4c694c0a15680a90cf9370129cf3db15e3c10e65610b779db047d5a4cc7c920708b728948708e4023e916099c6bfe730f01f9
This commit is contained in:
Andrew Chow
commit
aa22009887
1 changed files with 3 additions and 0 deletions
|
|
@ -893,6 +893,9 @@ struct PSBTOutput
|
||||||
s >> leaf_hashes;
|
s >> leaf_hashes;
|
||||||
size_t after_hashes = s.size();
|
size_t after_hashes = s.size();
|
||||||
size_t hashes_len = before_hashes - after_hashes;
|
size_t hashes_len = before_hashes - after_hashes;
|
||||||
|
if (hashes_len > value_len) {
|
||||||
|
throw std::ios_base::failure("Output Taproot BIP32 keypath has an invalid length");
|
||||||
|
}
|
||||||
size_t origin_len = value_len - hashes_len;
|
size_t origin_len = value_len - hashes_len;
|
||||||
m_tap_bip32_paths.emplace(xonly, std::make_pair(leaf_hashes, DeserializeKeyOrigin(s, origin_len)));
|
m_tap_bip32_paths.emplace(xonly, std::make_pair(leaf_hashes, DeserializeKeyOrigin(s, origin_len)));
|
||||||
break;
|
break;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue