Fix out of bounds read

b58tobin needs to check if there are more leading zeros requested by the address than there are available
2024-11-26 09:28:13 +00:00 · 2018-03-22 22:06:45 +01:00 · 2018-03-22 22:06:45 +01:00 · 3d7d99a3e3
commit 3d7d99a3e3
parent 009850f6c9
1 changed files with 6 additions and 1 deletions
--- a/base58.c
+++ b/base58.c
@ -114,8 +114,13 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58)
 	binu = bin;
 	for (i = 0; i < binsz; ++i)
 	{
-		if (binu[i])
+		if (binu[i]) {
+			if (zerocount > i) {
+				/* result too large */
+				return false;
+			}
 			break;
+		}
 		--*binszp;
 	}
 	*binszp += zerocount;