From c5f26beeeae315faf8e4be4476cf92949048101c Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Wed, 2 Dec 2020 18:20:16 +0100 Subject: [PATCH] fix(crypto): Fix undefined behavior in xmr_read_varint(). --- crypto/monero/serialize.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/monero/serialize.c b/crypto/monero/serialize.c index ebd323b93d..4d4cbd8bbe 100644 --- a/crypto/monero/serialize.c +++ b/crypto/monero/serialize.c @@ -37,7 +37,7 @@ int xmr_read_varint(uint8_t *buff, size_t buff_size, uint64_t *val) { for (int shift = 0; read < buff_size; shift += 7, ++read) { uint8_t byte = buff[read]; - if (byte == 0 && shift != 0) { + if ((byte == 0 && shift != 0) || (shift >= 63 && byte > 1)) { return -1; }